ارایه یک سیستم موثر و سبک برای تشخیص نفوذ در محیط اینترنت اشیا مبتنی بر محاسبات مه و ابر بر اساس طبقه بندی KNN
محورهای موضوعی : پردازش چند رسانه ای، سیستمهای ارتباطی، سیستمهای هوشمندعلی کفاش 1 , سیدرضا کامل طباخ فریضنی 2 , مریم خیرآبادی 3
1 - دانشجوی دکتری، گروه مهندسی کامپیوتر، واحد نیشابور، دانشگاه آزاد اسلامی، نیشابور، ایران
2 - دانشیار، گروه مهندسی کامپیوتر، واحد مشهد، دانشگاه آزاد اسلامی، مشهد، ایران
3 - استادیار، گروه مهندسی کامپیوتر ، واحد نیشابور، دانشگاه آزاد اسلامی، نیشابور، ایران
کلید واژه: سیستم تشخیص نفوذ, ابر, مه, نزدیکترین همسایگی, شبکه عصبی چند لایه,
چکیده مقاله :
محدودیت منابع در وسایل الکترونیکی اینترنت اشیا باعث شده است کمتر به مقوله امنیت در آن توجه شود. راه کار های تشخیص نفوذ امروزه یکی از مهم ترین و اساسی ترین راه حل ها برای شناسایی انواع حملات و تهدیدات و اتخاذ راه کار مناسب برای مقابله با آن ها می باشند. همچنین با توجه به باز بودن محیط قرار گرفتن وسایل مبتنی بر اینترنت اشیا با عث آسیب پذیری بیشتر این محیط می شود.به همین علت ارایه یک سیستم تشخیص نفوذ موثر و کارا می تواند راه کار مناسبی برای این محیط باشد. دراین مقاله به ارایه یک سیستم تشخیص نفوذ دو لایه مبتنی بر طبقه بند KNN برای جداسازی ترافیک عادی از حمله و شبکه مصنوعی پرسپترون چند لایه برای تشخیص نوع حمله پرداخته ایم. مجموعه داده استفاده شده مجموعه داده معروف KDD-CUP 99 می باشد.نتایج آزمایش بیانگر دقت 99.743% برای مجموعه داده و همچنین بهبود پارامترهای Accuracy ، Recall، Precision، F-measure، TPR و FPR می باشد. همچنین زمان تاخیر روش پیشنهادی نسبت به روش MLP-MLP میزان 40% بهبود یافته است و 139% تاخیر کمتری نسبت به حالت بدون مه دارد.
Introduction: In today's ever-evolving landscape of technology, the Internet of Things (IoT) has emerged as a transformative force, interconnecting countless smart devices that permeate our daily lives. From smart homes and cities to industrial automation and healthcare, IoT has brought about unprecedented convenience and efficiency. However, this rapid proliferation of IoT devices has also given rise to significant security challenges. The IoT ecosystem encompasses a diverse array of devices, ranging from wearable fitness trackers to critical infrastructure components, all of which are susceptible to cyber threats. Unauthorized access, data breaches, and malicious attacks on IoT networks pose severe risks to data privacy, infrastructure stability, and public safety. As a result, the need for robust security measures, such as IoT Intrusion Detection Systems, has become increasingly evident. The importance of these systems cannot be overstated, as they serve as the first line of defense against a myriad of IoT-related threats. By identifying and responding to potential security breaches, IoT Intrusion Detection Systems help maintain the integrity of data, ensure the functionality of IoT devices, and preserve the trustworthiness of the entire IoT network. The limitation of resources in electronic devices of the Internet of Things has caused less attention to the security. Today, Intrusion detection systems (IDSs) are one of the most important solutions to identify all types of attacks and threats and adopt appropriate solutions to deal with them. In addition, due to the openness of the environment, the placement of devices based on the Internet of Things makes this environment more vulnerable. For this reason, providing an effective and efficient intrusion detection system can be a suitable solution for this environment. Method: In this article, we have presented a two-layer intrusion detection system based on KNN classification to separate malicious traffic from normal mode and multilayer perceptron artificial network to detect the type of attack. The data set used is KDD-CUP 99 data set.
Results: The experiment results show 99.743% accuracy for the data set as well as the improvement of Accuracy, Recall, Precision, F-measure, TPR and FPR parameters. In addition, the delay time of the proposed method is improved 40% compared to the MLP-MLP method and has a 139% lower delay than the fog-free state. Discussion: The present study aims to propose two-layer hierarchical IDS based on machine learning, which detects attacks by considering the limitations of IoT resources. In order to create an efficient and accurate IDS, the combination of two improved K-nearest neighbor (KNN) algorithms and multi-layer perceptron (MLP) neural network applied in the fog and cloud to separate the attacks from normal traffic, respectively. we evaluated our proposed method using KDD-CUP 99 dataset. The results prove the improvement in accuracy, compared to the previous methods.
Method: In this article, we have presented a two-layer intrusion detection system based on KNN classification to separate malicious traffic from normal mode and multilayer perceptron artificial network to detect the type of attack. The data set used is KDD-CUP 99 data set. Results: The experiment results show 99.743% accuracy for the data set as well as the improvement of Accuracy, Recall, Precision, F-measure, TPR and FPR parameters. In addition, the delay time of the proposed method is improved 40% compared to the MLP-MLP method and has a 139% lower delay than the fog-free state.
Discussion: The present study aims to propose two-layer hierarchical IDS based on machine learning, which detects attacks by considering the limitations of IoT resources. In order to create an efficient and accurate IDS, the combination of two improved K-nearest neighbor (KNN) algorithms and multi-layer perceptron (MLP) neural network applied in the fog and cloud to separate the attacks from normal traffic, respectively. we evaluated our proposed method using KDD-CUP 99 dataset. The results prove the improvement in accuracy, compared to the previous methods.
[1] M. T. S. MohammadJavad Zand, "Improvement of IOT Security in ZigBee Network Using AES256 Algorithm," Intelligent Multimedia Processing and Communication Systems(IMPCS), no. 2, p. 53, 2020.
[2] W. H. Hassan, "Current research on Internet of Things (IoT) security: A survey.," Computer Networks, vol. 148, pp. 283-294, 2019.
[3] A. G. Rozbeh Hosseinnezhad, "Intrusion Detection System in The Cloud Computing Using Heterogeneity Detection Technique," Intelligent Multimedia Processing and Communication Systems (IMPCS), no. 1, p. 39, 2021.
[4] R. B. M. ,. L. C. M. W. ,. G. A. G. Cristiano Antonio de Souza Carlos Becker Westphall, "Intrusion detection and prevention in fog based IoT environments: A Systematic Literature Review," Computer Networks, 2022.
[5] G. K. A. S. J. V. C. Kolias, "DDoS in the IoT: Mirai and Other Botnets," Computer, vol. 50, no. 7, pp. 80-84, 2017.
[6] S. Y. H. Tanaka, "On modeling and simulation of the behavior of," in 2017 IEEE International Symposium on, 2017.
[7] V. K. P. M. A.C. Panchal, "Security issues in IIoT: a comprehen- sive survey of attacks on IIoT and its countermeasures," in 2018 IEEE Global Con- ference on Wireless Computing and Networking (GCWCN), 2018.
[8] C. B. W. ,. R. B. M. B. M. S. ,. G. d. S. V. Cristiano Antonio de Souza, "Hybrid approach to intrusion detection in fog-based IoT environments," Computer Networks, vol. 180, 2020.
[9] R. M. C. K. S. d. A. B.B. Zarpelão, "A survey of intrusion detection in Internet of Things," Journal of Network and Computer Applications, vol. 84, pp. 25-37, 2017.
[10] L. G. P. M. Q. A. X. L. M. T. D. K. H. S. B. A. K. Victor Chang, "A Survey on Intrusion Detection Systems for Fog and Cloud Computing," future internet, vol. 14, no. 89, 2022.
[11] F. V. A. P. P. J. H. T. &. T. H. Hosseinpour, "An intrusion detection system for fog computing and IoT based logistic systems using a smart data approach," International Journal of Digital Content Technology and its Applications,, p. 10, 2016.
[12] "http:// kdd. ics. uci. edu/ datab ases/ kddcu p99/ kddcu p99. html," [Online].
[13] "https:// www. unb. ca/ cic/ datas ets/ ids. html," [Online].
[14] A. A. K. N. G. Yasmine Labiod, "Fog Computing Based Intrusion Detection Architecture to Protect IoT Networks," Wireless Personal Communications, vol. 125, pp. 231-259, 2022.
[15] K. P. S. P. P. R. Vinayakumar, "Evaluating effectiveness of shallow and deep networks to intrusion detection system," in International Conference on Advances in Computing, Communications and Informatics (ICACCI), 2017.
[16] X. Z. X. L. X. L. F. &. Y. L. An, "Sample selected extreme learning machine based intrusion detection in fog computing and MEC," Wireless Communications and Mobile Computing, 2018.
[17] "Distributed attack detection scheme using deep learning approach for internet of things," Future Generation Computer Systems, vol. 82, pp. 761-768, 2018.
[18] K. ,. S. S. S.Prabavathy, "Design of Cognitive Fog Computing for Intrusion Detection in Internet of Things," Journal of Communications and Networks, pp. 291-298, 2018.
[19] L. Z. S. W. C. H. T. L. Victor C. M. Leung, "Intrusion detection system based on decision tree over big data in fog environment," Big IoT Data Analytics in Fog Computing, 2018.
[20] F.-B. Mocnik, "An improved algorithm for dynamic nearest-neighbour models," Journal of Spatial Science, vol. 67, no. 3, pp. 411-438, 2022.
[21] J. L. ,. B. Souradip Roy, "A Two-layer Fog-Cloud Intrusion Detection Model for IoT Networks," Internet of Things, vol. 19, 2022.