Skip to main content
SpringerLink
Log in

An effective intrusion detection approach based on ensemble learning for IIoT edge computing

  • Original Paper
  • Published:
Journal of Computer Virology and Hacking Techniques Aims and scope Submit manuscript

Abstract

The Internet of Things (IoT) has recently gained immense popularity. IoT is a set of devices that compute, communicate with each other, and consist of a vast network. Industrial IoT (IIoT) is the extension of IoT in the industrial fields. It aims to involve embedded devices in the industrial sectors to improve their activities. However, IIoT raises security vulnerabilities that are more harmful than those of IoT. Thus, intrusion detection systems (IDS) are developed to prevent some devastating intrusions. IDS monitors the environment to detect intrusion in real time. This paper designs an intrusion detection approach using ML for IIoT security. The feature selection and dimensionality reduction methods promote the machine learning models' detection rate and accuracy (ACC). To reduce the computational and time costs caused by the dataset's high dimensionality, we propose using Pearson's correlation coefficient (PCC) and isolation forest (IF). The IF is applied to remove outliers, and The PCC is implemented for the feature selection process. Additionally, we used Matthews correlation coefficient (MCC) to study the impact of our proposed model on the imbalanced dataset as the Bot-IoT. The RF classifier is implemented to enhance the IDS performances. For evaluation, we used the Bot-IoT and the wustl_iiot_2021 datasets to evaluate the performance of our model. Our approach has shown remarkable results with 99.99% and 99.12% ACC, 92.17% and 93.96% MCC, and 92.48% and 99.3% AUC scores on the Bot-IoT and wustl_iiot_2021, respectively. Our results demonstrate that the proposed approach has many advantages and superior performances compared with other models.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18

Similar content being viewed by others

Data availability

Assessments and Experimental results obtained using Anaconda 3 IDE, are available and will be shared with authors at https://sites-Google.com/umi.ac.ma/azrour.

References

  1. Azrour, M., Mabrouki, J., Guezzaz, A., Farhaoui, Y.: New enhanced authentication protocol for internet of things. Big Data Min. Anal. 4(1), 1–9 (2021)

    Article  Google Scholar 

  2. dos Santos, D.R., Dagrada, M., Costante, E.: Leveraging operational technology and the Internet of things to attack smart buildings. J. Comput. Virol. Hack. Tech. 17(1), 1–20 (2021)

    Article  Google Scholar 

  3. Von Solms, R., Van Niekerk, J.: From information security to cyber security. Comput. Secur. 38, 97–102 (2013)

    Article  Google Scholar 

  4. Chanal, P.M., Kakkasageri, M.S.: Security and privacy in IoT: a survey. Wirel. Pers. Commun. 115, 1667–1693 (2020)

    Article  Google Scholar 

  5. Sethi, P., Sarangi, S.R.: Internet of things: architectures, protocols, and applications. J. Electr. Comput. Eng. 2017. https://doi.org/10.1155/2017/9324035

  6. Alaba, F.A., Othman, M., Hashem, I.A.T., Alotaibi, F.: Internet of Things security: a survey. J. Netw. Comput. Appl. 88, 10–28 (2017)

    Article  Google Scholar 

  7. Mohamed Noor, M.B., Hassan, W.H.: Current research on Internet of Things (IoT) security: a survey. Comput. Netw. 148, 283–294 (2018)

    Article  Google Scholar 

  8. Khan, M.A., Khan Khattk, M.A., Latif, S., Shah, A.A., Ur Rehman, M., Boulila, W., Driss, M., Ahmad, J.: Voting classifier-based intrusion detection for IoT networks. In: Advances on Smart and Soft Computing. Springer, pp. 313–328 (2022)

  9. Yu, X., Guo, H.: A survey on IIoT security. In: 2019 IEEE VTS Asia pacific wireless communications symposium (APWCS). IEEE, pp. 1–5 (2019)

  10. Tange, K., De Donno, M., Fafoutis, X., Dragoni, N.: A systematic survey of industrial internet of things security: requirements and fog computing opportunities. IEEE Commun. Surv. Tutor. 22(4), 2489–3252 (2020)

    Article  Google Scholar 

  11. . Panchal, A.C, Khadse, V.M., Mahalle, P.N.: Security issues in IIoT: a comprehensive survey of attacks on IIoT and its countermeasures. In: 2018 IEEE Global Conference on Wireless Computing and Networking (GCWCN). IEEE, pp. 124–130 (2018)

  12. Sengupta, J., Ruj, S., Bit, S.D.: A comprehensive survey on attacks, security issues and blockchain solutions for IoT and IIoT. J. Netw. Comput. Appl. 149, 102481 (2020)

    Article  Google Scholar 

  13. Esfahani, A., Mantas, G., Matischek, R., Saghezchi, F.B., Rodriguez, J., Bicaku, A., Maksuti, S., Tauber, M.G., Schmittner, C., Bastos, J.: A lightweight authentication mechanism for M2M communications in industrial IoT environment. IEEE Internet Things J. 6(1), 288–296 (2019)

    Article  Google Scholar 

  14. Yan, Q., Huang, W., Luo, X., Gong, Q., Yu, F.R.: A multi-level DDoS mitigation framework for the industrial Internet of Things. IEEE Commun. Mag. 56(2), 30–36 (2018)

    Article  Google Scholar 

  15. Buczak, A.L., Guven, E.: A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun. Surv. Tutor. 18(2), 1153–1176 (2016)

    Article  Google Scholar 

  16. Kasongo, S.M.: An advanced intrusion detection system for IIoT based on GA and tree-based algorithms. IEEE Access 9, 113199–113212 (2021)

    Article  Google Scholar 

  17. Aldweesh, A., Derhab, A., Emam, A.Z.: Deep learning approaches for anomaly-based intrusion detection systems: a survey, taxonomy, and open issues. Knowl. Based Syst. 189, 105124 (2020)

    Article  Google Scholar 

  18. Wawryn, K., Widulinski, P.: Detection of anomalies in compiled computer program files inspired by immune mechanisms using a template method. J. Comput. Virol. Hack. Tech. 17(1), 47–59 (2021)

    Article  Google Scholar 

  19. Khraisat, A., Gondal, I., Vamplew, P., Kamruzzaman, J.: Survey of intrusion detection system: techniques, datasets, and challenges. Cybersecurity 2, 1–22 (2019)

    Article  Google Scholar 

  20. Liu, F.T., Ting, K.M., Zhou, Z.-H.: Isolation forest. In: 2008 Eighth IEEE International Conference on Data Mining, pp. 413–422 (2008)

  21. Ho, T.K.: Random decision forests. In: Proceedings of 3rd International Conference on Document Analysis and Recognition, vol. 1, pp. 278–282 (1995)

  22. Ainsworth, T., Brake, J., Gonzalez, P., Toma, D., Browne, A.F.: A comprehensive survey of industry 4.0, iiot and areas of implementation. In: SoutheastCon 2021, no. IEEE, pp. 1–6 (2021)

  23. Malik, P.K., Sharma, R., Singh, R., Gehlot, A., Satapathy, S.C., Alnumay, W.S., Pelusi, D., Ghosh, U., Nayak, J.: Industrial Internet of Things and its applications in industry 4.0: state of the art. Comput. Commun. 166, 125–139 (2021)

    Article  Google Scholar 

  24. Hylving, L., Schultze, U.: Evolving the modular layered architecture in digital innovation: the case of the car's instrument cluster. In: ICIS (2013)

  25. Ferrag, M.A., Maglaras, L., Moschoyiannis, S., Janicke, H.: Deep learning for cyber security intrusion detection: approaches, datasets, and comparative study. J. Inf. Secur. Appl. 50, 102419 (2020)

    Google Scholar 

  26. Gu, J., Lu, S.: An effective intrusion detection approach using SVM with naïve Bayes feature embedding. Comput. Secur. 103, 102158 (2020)

    Article  Google Scholar 

  27. Liao, H.-J., Lin, C.-H.R., Lin, Y.-C., Tung, K.-Y.: Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36(1), 16–24 (2013)

    Article  Google Scholar 

  28. Peng, K., Leung, V., Zheng, L., Wang, S., Huang, C., Lin, T.: Intrusion detection system based on decision tree over big data in fog environment. Wirel. Commun. Mob. Comput. 2018 (2018)

  29. Wazirali, R.: An improved intrusion detection system based on KNN hyperparameter tuning and cross-validation. Arab. J. Sci. Eng. 45(12), 10859–10873 (2020)

    Article  Google Scholar 

  30. Sallam, A.A., Kabir, M.N., Alginahi, Y.M., Jamal, A., Esmeel, T.K.: IDS for improving DDoS attack recognition based on attack profiles and network traffic features. In: 2020 16th IEEE International Colloquium on Signal Processing & Its Applications (CSPA). IEEE, pp. 255–260 (2020)

  31. Gu, J., Wang, L., Wang, H., Wang, S.: A novel approach to intrusion detection using SVM ensemble with feature augmentation. Comput. Secur. 86, 53–62 (2019)

    Article  Google Scholar 

  32. Waskle, S., Parashar, L., Singh, U.: Intrusion detection system using PCA with random forest approach. In: 2020 International Conference on Electronics and Sustainable Communication Systems (ICESC). IEEE, pp. 803–808 (2020)

  33. Mebawondu, J.O., Alowolodu, O.D., Mebawondu, J.O., Adetunmbi, A.O.: Network intrusion detection system using supervised learning paradigm. Sci. Afr. 9, e00497 (2020)

    Google Scholar 

  34. Chen, J., Qi, X., Chen, L., Chen, F., Cheng, G.: Quantum-inspired ant lion optimized hybrid k-means for cluster analysis and intrusion detection. Knowl. Based Syst. 203, 106167 (2020)

    Article  Google Scholar 

  35. Saxena, A., Saxena, K., Goyal, J.: Hybrid technique based on dbscan for selection of improved features for intrusion detection system. In: Emerging Trends in Expert Applications and Security. Springer, pp. 365–377 (2019)

  36. Ester, M., Kriegel, H.-P., Sander, J., Xu, X.: A density-based algorithm for discovering clusters in large spatial databases with noise. In: Kdd-96 Proceedings, Munich, AAAI Press, pp. 226–231 (1996)

  37. Sadaf, K., Sultana, J.: Intrusion detection based on autoencoder and isolation forest in fog computing. IEEE Access 8, 167059–167068 (2020)

    Article  Google Scholar 

  38. Sarica, A., Cerasa, A., Quattrone, A.: Random forest algorithm for the classification of neuroimaging data in Alzheimer’s disease: a systematic review. Front. Aging Neurosci. 9, 329 (2017)

    Article  Google Scholar 

  39. Zhang, L., Jiang, S., Shen, X., Gupta, B.B., Tian, Z.: PWG-IDS: an intrusion detection model for solving class imbalance in IIoT networks using generative adversarial networks. arXiv e-prints, arxiv-2110 (2021)

  40. Zhang, Y., Li, P., Wang, X.: Intrusion detection for IoT based on improved genetic algorithm and deep belief network. IEEE Access 7, 31711–31722 (2019)

    Article  Google Scholar 

  41. Guezzaz, A., Benkirane, S., Azrour, M., Khurram, S.: A reliable network intrusion detection approach using decision tree with enhanced data quality. Secur. Commun. Netw. 2021. https://doi.org/10.1155/2021/1230593

  42. Guezzaz, A., Asimi, A., Asimi, Y., Tbatou, Z., Sadqi, Y.: A global intrusion detection system using PcapSockS sniffer and multilayer perceptron classifier. Int. J. Netw. Secur. 21(3), 438–450 (2019)

    Google Scholar 

  43. Alhowaide, A., Alsmadi, I., Tang, J.: Ensemble detection model for IoT IDS. Internet Things 16, 100435 (2021)

    Article  Google Scholar 

  44. Javeed, D., Gao, T., Khan, M.T., Shoukat, D.: A hybrid intelligent framework to combat sophisticated threats in secure industries. Sensors 22(4), 1582 (2022)

    Article  Google Scholar 

  45. Ge, M., Syed, N.F., Fu, X., Baig, Z., Robles-Kelly, A.: Towards a deep learning-driven intrusion detection approach for Internet of Things. Comput. Netw. 186, 107784 (2021)

    Article  Google Scholar 

  46. Yao, H., Gao, P., Zhang, P., Wang, J., Jiang, C., Lu, L.: Hybrid intrusion detection system for edge-based IIoT relying on machine-learning-aided detection. IEEE Netw. 53(5), 75–81 (2019)

    Article  Google Scholar 

  47. Alanazi, M., Aljuhani, A.: Anomaly detection for Internet of Things cyberattacks. Comput. Mater. Continua 72(1), 261–279 (2022)

    Article  Google Scholar 

  48. Lee, J.D., Cha, H.S., Rathore, S., Park, J.H.: M-IDM: a multi-classification based intrusion detection model in healthcare IoT. Comput. Mater. Continua 67(2), 1537–1553 (2021)

    Article  Google Scholar 

  49. Maseer, Z.K., Yusof, R., Mostafa, S.A., Bahaman, N., Musa, O., Al-rimy, B.A.S.: DeepIoT. IDS: hybrid deep learning for enhancing IoT network intrusion detection. Comput. Mater. Continua 69(3), 3945–3966 (2021)

    Article  Google Scholar 

  50. Ismail, Z., Jantan, A., Yusoff, M., Kiru, M.U.: The effects of feature selection on the classification of encrypted botnet. J. Comput. Virol. Hack. Tech. 17(1), 61–74 (2021)

    Article  Google Scholar 

  51. Kuang, T., Hu, Z., Xu, M.: A genetic optimization algorithm based on adaptive dimensionality reduction. Math. Probl. Eng. https://doi.org/10.1155/2020/8598543

  52. Koroniotis, N., Moustafa, N., Sitnikova, E., Turnbull, B.: Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-IoT dataset. Future Gener. Comput. Syst. 100, 779–796 (2019)

    Article  Google Scholar 

  53. Ghosh, P., Sinha, S., Sharma, R.R., Phadikar, S.: An efficient IDS in cloud environment using feature selection based on DM algorithm. J. Comput. Virol. Hack. Tech. 243–258 (2022). https://doi.org/10.1007/s11416-021-00410-1

  54. Yang, Q., Singh, J., Lee, J.: Isolation-based feature selection for unsupervised outlier detection. In: B Proceedings of the Annual Conference of the Prognostics and Health Management Society (2019)

  55. Zolanvari, M., Teixeira, M.A., Gupta, L., Khan, K.M., Jain, R.: Machine learning-based network vulnerability analysis of industrial Internet of Things. IEEE Internet Things J. 6(4), 6822–6834 (2019)

    Article  Google Scholar 

  56. Chicco, D., Jurman, G.: The advantages of the Matthews correlation coefficient (MCC) over F1 score and accuracy in binary classification evaluation. BMC Genom. 21(1), 1–13 (2020)

    Article  Google Scholar 

  57. Nimbalkar, P., Kshirsagar, D.: Feature selection for intrusion detection system in internet-of-things (IoT). ICT Express 7(2), 177–181 (2021)

    Article  Google Scholar 

  58. Abushwereb, M., Alkasassbeh, M., Almseidin, M., Mustafa, M.: An accurate IoT intrusion detection framework using apache spark. arXiv e-prints, arXiv:2203.04347 (2022)

  59. Saba, T., Rehman, A., Sadad, T., Kolivand, H., Bahaj, S.A.: Anomaly-based intrusion detection system for IoT networks through deep learning model. Comput. Electr. Eng. 99, 107810 (2022)

    Article  Google Scholar 

Download references

Funding

This study was not funded and without financial support. We did this research work as professors of computer sciences at universities.

Author information

Authors and Affiliations

  1. Higher School of Technology, Cadi Ayyad University, 44000, Essaouira, Morocco

    Mouaad Mohy-eddine, Azidine Guezzaz & Said Benkirane

  2. IDMS team, Faculty of Sciences and Technics, Moulay Ismail University of Meknès, Errachidia, Morocco

    Mourade Azrour

Authors
  1. Mouaad Mohy-eddine
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Azidine Guezzaz
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Said Benkirane
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Mourade Azrour
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Azidine Guezzaz.

Ethics declarations

Conflict of interest

Our work has not been funded and without financially supporting.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Mohy-eddine, M., Guezzaz, A., Benkirane, S. et al. An effective intrusion detection approach based on ensemble learning for IIoT edge computing. J Comput Virol Hack Tech 19, 469–481 (2023). https://doi.org/10.1007/s11416-022-00456-9

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11416-022-00456-9

Keywords

Search

Navigation