A Distributed Attack Detection Approach in the Fog Layer Based on a Blockchain Distributed Database and Machine Learning
Subject areas: Computer Engineering
Mohsen Eghbali 1, Mohammadreza Mollahosseini Ardakani 2
1 - PhD student in Computer Engineering, Department of Computer Engineering, Meybod Branch, Islamic Azad University, Meybod, Iran
2 - Department of Computer Engineering, Islamic Azad University, Meybod Branch, Meybod, Iran
Keywords: intrusion detection system, fog layer, machine learning, GAN neural network, feature selection, Coati optimization algorithm
Abstract:
DDoS attacks make network services unavailable to users by having botnets send large volumes of fake traffic. Machine learning is one way to counter DDoS attacks, but these methods face challenges such as the high volume of IoT traffic and data imbalance. This paper introduces a distributed intrusion detection system in the fog layer that detects network attack traffic in a decentralized manner. In this method, each fog node acts as an intrusion detection system, and the nodes exchange blacklists through the blockchain, which increases the confidentiality of attack detection. Fog nodes identify the main features of network traffic using the Coati optimization algorithm and use these features to train a multilayer neural network for intrusion detection. Feature selection reduces traffic and increases the accuracy and speed of attack detection. To balance network traffic, a GAN method based on game theory is used. Experiments in MATLAB on the NSL-KDD dataset show that the proposed system achieves accuracy, sensitivity, and precision of 98.67%, 98.52%, and 98.34%, respectively. The method identifies network attacks more accurately than feature selection methods such as WOA, GWO, and HHO, and more accurately than LSTM and CNN.
Balancing network traffic in the fog layer using game theory based on a GAN network
Presenting a binary version of the Coati optimization algorithm, introduced in 2023, for feature selection
Preserving the confidentiality of the proposed intrusion detection system with blockchain, and exchanging blacklists between fog nodes via blockchain
Presenting a distributed intrusion detection system in the fog layer for detecting attacks on IoT