یک رویکرد نوین برای سیستم تشخیص نفوذ در اینترنت اشیاء با استفاده از انتخاب ویژگی ترکیبی مبتنی بر همبستگی و الگوریتم بهینهسازی شاهین هریس
محورهای موضوعی : شبکه های عصبی و یادگیری عمیقیاشار سلامی 1 * , یاسر عبازاده 2 , مهدی همرنگ 3 , نوشین الله بخشی 4
1 - Department of Computer and Information Technology Engineering, Qazvin Branch, Islamic Azad University, Qazvin, Iran
2 - گروه مهندسی کامپیوتر، واحد گرمی، دانشگاه آزاد اسلامی، گرمی، ایران.
3 - گروه مهندسی کامپیوتر، واحد گرمی، دانشگاه آزاد اسلامی، گرمی، ایران
4 - Department of Computer and Information Technology Engineering, Khoy Branch, Islamic Azad University, Khoy, Iran
کلید واژه: اینترنت اشیا , تشخیص نفوذ, بهینه سازی , الگوریتم ,
چکیده مقاله :
با رشد سریع اینترنت اشیاء (IoT)، تعداد دستگاههای متصل به شبکههای مختلف به طور قابل توجهی افزایش یافته است. این دستگاهها مقادیر زیادی داده تولید میکنند و غالباً در محیطهای باز و ناامن مستقر میشوند که آنها را در معرض حملات سایبری مختلف قرار میدهد. بنابراین، اطمینان از امنیت شبکههای IoT به یک نگرانی اصلی برای محققان تبدیل شده است. یکی از مؤثرترین روشها برای حفظ امنیت شبکه، استفاده از سیستمهای تشخیص نفوذ (IDS) است. تشخیص نفوذ، دادههای ورودی را نظارت و تحلیل میکند تا فعالیتهای مشکوک و حملات احتمالی را شناسایی کند. با توجه به محدودیتهای منابع دستگاههای IoT و پیچیدگی شبکهها، بهبود دقت و کارآیی IDS بسیار حائز اهمیت است. هدف اصلی این تحقیق، ارائه یک IDS جدید و بهینهسازی شده برای شبکههای IoT است. یک روش انتخاب ویژگی ترکیبی برای افزایش دقت و کاهش پیچیدگی محاسباتی به کار گرفته شده است که شامل فیلتر کردن مبتنی بر همبستگی و روشهای پوششی با استفاده از الگوریتم بهینهسازی شاهین هریس (HHO) میباشد. در این رویکرد، ویژگیهای غیرضروری حذف و ویژگیهای ضروری برای طبقهبندی انتخاب میشوند. نتایج شبیهسازی نشان میدهد که این روش به دقت 96.46% دست یافته است و در مقایسه با روشهای سنتی مانند DT و SVM عملکرد بهتری داشته و نرخهای مثبت کاذب و منفی کاذب را بهبود بخشیده است.
With the rapid growth of the Internet of Things (IoT), the number of devices connected to various networks has significantly increased. These devices generate vast amounts of data and are often deployed in open and unsecured environments, making them vulnerable to various cyber-attacks. Therefore, ensuring the security of IoT networks has become a primary concern for researchers. One of the most effective methods for maintaining network security is using Intrusion Detection Systems (IDS). Intrusion detection monitors and analyzes incoming data to detect suspicious activities and potential attacks. Given the resource constraints of IoT devices and the complexity of the networks, improving the accuracy and efficiency of IDS is crucial. The primary goal of this research is to present a novel and optimized IDS for IoT networks. A hybrid feature selection method has been employed to enhance accuracy and reduce computational complexity, combining correlation-based filtering and wrapper methods using the Harris Hawk Optimization (HHO) algorithm. In this approach, unnecessary features are removed, and essential features for classification are selected. Simulation results indicate that this method has achieved a 96.46% accuracy, outperforming traditional methods such as DT and SVM while improving false positive and false negative rates
[1] M. Wazid, P. Bagga, A. K. Das, S. Shetty, J. J. P. C. Rodrigues, and Y. Park, “AKM-IoV: Authenticated Key Management Protocol in Fog Computing-Based Internet of Vehicles Deployment,” IEEE Internet Things J., vol. 6, no. 5, pp. 8804–8817, 2019. [2] Y. Salami, V. Khajehvand, and E. Zeinali, “SOS-FCI: a secure offloading scheme in fog–cloud-based IoT,” J. Supercomput., vol. 80, no. 1, pp. 570–600, 2024, doi: 10.1007/s11227-023-05499-3. [3] X. Mu and M. F. Antwi-Afari, “The applications of Internet of Things (IoT) in industrial management: a science mapping review,” Int. J. Prod. Res., vol. 62, no. 5, pp. 1928–1952, 2024. [4] M. Sugar and I. H. Berkovitz, “Fog Computing Conceptual Model,” Adolesc. Psychiatry (Hilversum)., vol. 1, no. 2, pp. 169–178, 2011, doi: 10.2174/2210677411101020169. [5] M. Nassereddine and A. Khang, “Applications of Internet of Things (IoT) in smart cities,” in Advanced IoT technologies and applications in the industry 4.0 digital economy, CRC Press, 2024, pp. 109–136. [6] Y. Salami, V. Khajehvand, and E. Zeinali, “SAIFC: A Secure Authentication Scheme for IOV Based on Fog-Cloud Federation,” Secur. Commun. Networks, vol. 1, pp. 1–19, 2023. [7] A. Rajagopalan et al., “Empowering power distribution: Unleashing the synergy of IoT and cloud computing for sustainable and efficient energy systems,” Results Eng., p. 101949, 2024. [8] Y. Salami, Y. Ebazadeh, and V. Khajehvand, “CE-SKE: cost-effective secure key exchange scheme in Fog Federation,” Iran J. Comput. Sci., vol. 4, no. 3, pp. 1–13, 2021. [9] A. Souri, M. Norouzi, and Y. Alsenani, “A new cloud-based cyber-attack detection architecture for hyper-automation process in industrial internet of things,” Cluster Comput., vol. 27, no. 3, pp. 3639–3655, 2024. [10] Y. Salami and S. Hosseini, “BSAMS: Blockchain-Based Secure Authentication Scheme in Meteorological Systems,” Nivar, vol. 47, no. 120–121, pp. 181–197, 2023. [11] Y. Salami, F. Taherkhani, Y. Ebazadeh, M. Nemati, V. Khajehvand, and E. Zeinali, “Blockchain-Based Internet of Vehicles in Green Smart City: Applications and Challenges and Solutions,” Anthropog. Pollut., vol. 7, no. 1, pp. 87–96, 2023. [12] S. C. Vetrivel, R. Maheswari, and T. P. Saravanan, “Industrial IOT: Security Threats and Counter Measures,” in Communication Technologies and Security Challenges in IoT: Present and Future, Springer, 2024, pp. 403–425. [13] Y. Salami, V. Khajevand, and E. Zeinali, “Cryptographic Algorithms: A Review of the Literature, Weaknesses and Open Challenges,” J. Comput. Robot., vol. 16, no. 2, pp. 46–56, 2023. [14] U. D. Maiwada, S. A. Imran, K. U. Danyaro, A. A. Janisar, A. Salameh, and A. B. Sarlan, “Security Concerns of IoT Against DDoS in 5G Systems,” Int. J. Electr. Eng. Comput. Sci., vol. 6, pp. 98–105, 2024. [15] Y. Salami, V. Khajehvand, and E. Zeinali, “A new secure offloading approach for internet of vehicles in fog-cloud federation,” Sci. Rep., vol. 14, no. 1, p. 5576, 2024. [16] Y. Salami and V. Khajehvand, “SMAK-IOV: Secure Mutual Authentication Scheme and Key Exchange Protocol in Fog Based IoV,” J. Comput. Robot., vol. 13, no. 1, pp. 11–20, 2020. [17] Y. Salami, V. Khajehvand, and E. Zeinali, “LSMAK-IOV: Lightweight Secure Mutual AKE Scheme in Fog-Based IoV,” in 2024 10th International Conference on Artificial Intelligence and Robotics (QICAR), IEEE, 2024, pp. 1–5. [18] Z. Wang, J. Li, S. Yang, X. Luo, D. Li, and S. Mahmoodi, “A lightweight IoT intrusion detection model based on improved BERT-of-Theseus,” Expert Syst. Appl., vol. 238, p. 122045, 2024. [19] O. B. J. Rabie, S. Selvarajan, T. Hasanin, A. M. Alshareef, C. K. Yogesh, and M. Uddin, “A novel IoT intrusion detection framework using Decisive Red Fox optimization and descriptive back propagated radial basis function models,” Sci. Rep., vol. 14, no. 1, p. 386, 2024. [20] E. Altulaihan, M. A. Almaiah, and A. Aljughaiman, “Anomaly Detection IDS for Detecting DoS Attacks in IoT Networks Based on Machine Learning Algorithms,” Sensors, vol. 24, no. 2, p. 713, 2024. [21] M. M. Inuwa and R. Das, “A comparative analysis of various machine learning methods for anomaly detection in cyber attacks on IoT networks,” Internet of Things, vol. 26, p. 101162, 2024. [22] A. Aldhaheri, F. Alwahedi, M. A. Ferrag, and A. Battah, “Deep learning for cyber threat detection in IoT networks: A review,” Internet Things cyber-physical Syst., vol. 4, pp. 110–128, 2024. [23] N. O. Aljehane et al., “Golden jackal optimization algorithm with deep learning assisted intrusion detection system for network security,” Alexandria Eng. J., vol. 86, pp. 415–424, 2024. [24] C. Hazman, A. Guezzaz, S. Benkirane, and M. Azrour, “Enhanced ids with deep learning for iot-based smart cities security,” Tsinghua Sci. Technol., vol. 29, no. 4, pp. 929–947, 2024. [25] D. Li, L. Deng, M. Lee, and H. Wang, “IoT data feature extraction and intrusion detection system for smart cities based on deep migration learning,” Int. J. Inf. Manage., vol. 49, pp. 533–545, 2019. [26] A. Elsaeidy, K. S. Munasinghe, D. Sharma, and A. Jamalipour, “Intrusion detection in smart cities using Restricted Boltzmann Machines,” J. Netw. Comput. Appl., vol. 135, pp. 76–83, 2019. [27] T. Saba, “Intrusion detection in smart city hospitals using ensemble classifiers,” in 2020 13th International Conference on Developments in eSystems Engineering (DeSE), IEEE, 2020, pp. 418–422. [28] E. M. Onyema, S. Dalal, C. A. T. Romero, B. Seth, P. Young, and M. A. Wajid, “Design of intrusion detection system based on cyborg intelligence for security of cloud network traffic of smart cities,” J. Cloud Comput., vol. 11, no. 1, p. 26, 2022. [29] M. M. Rashid et al., “Adversarial training for deep learning-based cyberattack detection in IoT-based smart city applications,” Comput. Secur., vol. 120, p. 102783, 2022. [30] M. Abdedaime, A. Qafas, M. Jerry, and A. Guezzaz, “A KNN-based intrusion detection model for smart cities security,” in International Conference on Innovative Computing and Communications: Proceedings of ICICC 2022, Volume 3, Springer, 2022, pp. 265–272. [31] M. Roopak, G. Y. Tian, and J. Chambers, “Multi‐objective‐based feature selection for DDoS attack detection in IoT networks,” IET Networks, vol. 9, no. 3, pp. 120–127, 2020. [32] A. Awajan, “A novel deep learning-based intrusion detection system for IOT networks,” Computers, vol. 12, no. 2, p. 34, 2023.