
Stacked Deep Learning Framework for Edge-Based Intelligent Threat Detection in IoT Network

The Journal of Supercomputing

Abstract

Cyber-attacks on Internet of Things (IoT) devices are becoming increasingly common due to the rapidly growing number of connected devices and the lack of security measures in many of them. Attackers can exploit these flaws over the internet and through remote access. The Edge Service is a critical component of NetFlow-based malware detection systems, responsible for several key functions. Firstly, it receives raw network traffic data from the Edge Gateway installed at the network perimeter. Secondly, it processes the raw data to make it suitable for deep learning models by converting it into an appropriate format, normalizing it and extracting relevant features. The Edge Service also develops the deep learning network for malware detection and classification using Vectorized Convolutional Neural Networks (VCNN), multi Long Short-Term Memory (LSTM) models, and mayfly optimization techniques, and trains it on benchmark datasets (NBaIoT-balanced, UNSW-NB15 and UNSW_BOT_IoT-imbalanced) of benign and malicious network traffic to learn the patterns and characteristics of each type of traffic. Once the deep learning network is developed, the Edge Service uses it to detect and classify malware in real time by analyzing network traffic data to identify patterns and anomalies that may indicate the presence of malware. The Edge Service includes a Master Edge Node (MEN) responsible for all these functions. The Edge Service plays a crucial role in detecting and preventing malware attacks by providing real-time protection and alerting on potential threats.
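The preprocessing step the abstract describes (convert, normalize, extract features) can be sketched as follows. This is an added example, not the authors' code: the flow field names, the log-scaling choice and the window size are assumptions, and the sample records are constructed. It shows the scaler being fitted on training flows only, with unseen protocols and out-of-range values handled at detection time.

```python
import math

# Constructed sample flow records (not taken from any dataset named in the abstract).
# Field names are hypothetical: protocol, duration in seconds, bytes, packets.
TRAIN_FLOWS = [
    {"proto": "tcp", "dur": 0.5, "bytes": 1200, "pkts": 10},
    {"proto": "udp", "dur": 0.1, "bytes": 90, "pkts": 1},
    {"proto": "tcp", "dur": 4.0, "bytes": 98000, "pkts": 80},
    {"proto": "icmp", "dur": 0.0, "bytes": 64, "pkts": 1},
]
PROTOS = ["tcp", "udp", "icmp"]   # any other protocol maps to a fourth "other" slot
NUMERIC = ["dur", "bytes", "pkts"]


def fit_scaler(flows):
    """Learn per-feature min/max of log1p-scaled values from training flows only."""
    cols = {k: [math.log1p(f[k]) for f in flows] for k in NUMERIC}
    return {k: (min(v), max(v)) for k, v in cols.items()}


def encode(flow, scaler):
    """One flow -> fixed-length vector: one-hot protocol + numerics scaled to [0, 1]."""
    onehot = [1.0 if flow["proto"] == p else 0.0 for p in PROTOS]
    onehot.append(0.0 if flow["proto"] in PROTOS else 1.0)
    nums = []
    for k in NUMERIC:
        lo, hi = scaler[k]
        x = math.log1p(max(flow[k], 0))            # guard against negative counters
        scaled = 0.0 if hi == lo else (x - lo) / (hi - lo)
        nums.append(min(max(scaled, 0.0), 1.0))    # clip values outside the training range
    return onehot + nums


def windows(vectors, size, step=1):
    """Sliding windows of consecutive flows: the (time, features) shape a sequence model takes."""
    return [vectors[i:i + size] for i in range(0, len(vectors) - size + 1, step)]


def preprocess(flows, scaler, size=2):
    """Full pipeline: encode every flow, then group into fixed-size windows."""
    return windows([encode(f, scaler) for f in flows], size)
```

Clipping matters at detection time: a flood that exceeds every value seen in training would otherwise produce inputs far outside the range the model was trained on.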


Availability of data and materials

Data sharing is not applicable to this article as no datasets were generated during the current study. All sources used are properly disclosed (citation). Literal copying of text must be indicated as such by using quotation marks and giving proper references. Implementation material will be provided based on the requirement.


Funding

National Institute of Technology, Tiruchirappalli is providing the stipend to carry out this research work.

Author information

Contributions

The paper properly credits the meaningful contributions of the corresponding author and co-author.

Corresponding author

Correspondence to D. Santhadevi.

Ethics declarations

Conflict of interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper. The authors declare the following financial interests/personal relationships, which may be considered potential competing interests.

Ethical approval

This material is the authors' own original work, which has not been previously published elsewhere. The paper is not currently being considered for publication elsewhere. The paper reflects the author's own research and analysis in a truthful and complete manner.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.


About this article


Cite this article

Santhadevi, D., Janet, B. Stacked Deep Learning Framework for Edge-Based Intelligent Threat Detection in IoT Network. J Supercomput 79, 12622–12655 (2023). https://doi.org/10.1007/s11227-023-05153-y


  • DOI: https://doi.org/10.1007/s11227-023-05153-y
