Skip to main content
SpringerLink
Log in

TL-BILSTM IoT: transfer learning model for prediction of intrusion detection system in IoT environment

  • Regular Contriburtion
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

The ubiquity of the Internet-of-Things (IoT) systems across various industries, smart cities, health care, manufacturing, and government services has led to an increased risk of security attacks, jeopardizing data integrity, confidentiality, and availability. Consequently, ensuring the resilience of IoT systems demands a paramount focus on cybersecurity. This manuscript proposes a robust model specifically designed to detect and classify botnet attacks in IoT environments. The proposed model utilizes a hybrid CNN-BILSTM with transfer learning (TL-BILSTM) to detect and classify different types of Mirai and BASHLITE attacks across nine types of IoT devices. In this study, we used a publically available dataset consisting of legitimate and malicious network packets that were gathered from a real-time laboratory connected to camera devices in the IoT environment. Experimental results demonstrate that the proposed model achieves good-fit performance based on evaluation metrics. Specifically, the proposed model achieves a testing accuracy of 99.52%, a training accuracy of 99.55%, and a loss of 0. 0150. The results underscore the superior accuracy of our proposed model, especially within the N_BaIoT dataset, where it attains a remarkable accuracy of 99.52% across ten classes, surpassing cutting-edge techniques by a significant margin ranging from 3.2% to 16.07%. Furthermore, the proposed model proves effective in enhancing the accuracy of detecting and classifying botnet attacks compared to state-of-the-art anomaly detection systems in IoT based on real-time IoT devices dataset.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

References

  1. Cvitić, I., Peraković, D., Periša, M., Botica, M.: Novel approach for detection of IoT generated DDoS traffic. Wirel. Netw. 27(3), 1573–1586 (2021)

    Article  Google Scholar 

  2. Abdalzaher, M.S., Muta, O.: A game-theoretic approach for enhancing security and data trustworthiness in IoT applications. IEEE Internet Things J. 7(11), 11250–11261 (2020)

    Article  Google Scholar 

  3. M. M. Salim, D. Wang, H. A. El Atty Elsayed, Y. Liu, and M. A. Elaziz, Joint optimization of energy-harvesting-powered two-way relaying D2D communication for IoT: a rate–energy efficiency tradeoff. IEEE Internet Things J., vol. 7, no. 12, pp. 11735–11752 (2020)

  4. Tahsien, S.M., Karimipour, H., Spachos, P.: Machine learning based solutions for security of Internet of Things (IoT): a survey. J. Netw. Comput. Appl. 161, 102630 (2020)

    Article  Google Scholar 

  5. da Costa, K.A.P., Papa, J.P., Lisboa, C.O., Munoz, R., de Albuquerque, V.H.C.: Internet of things: a survey on machine learning-based intrusion detection approaches. Comput. Netw. 151, 147–157 (2019)

    Article  Google Scholar 

  6. Olowononi, F.O., Rawat, D.B. and Liu, C.: Federated learning with differential privacy for resilient vehicular cyber physical systems. In: Proc. IEEE 18th Annu. Consum. Commun. Netw. Conf. (CCNC), pp. 1–5 (2021)

  7. Da Xu, L., He, W., Li, S.: Internet of things in industries: a survey. IEEE Trans. Ind. Inf. 10(4), 2233–2243 (2014)

    Article  Google Scholar 

  8. Sharma, M., Pant, S., KumarSharma, D., DattaGupta, K., Vashishth, V., Chhabra, A.: Enabling security for the Industrial Internet of Things using deep learning, blockchain, and coalitions. Trans. Emerging Telecommun. Technol. 32(7), e4137 (2021)

    Article  Google Scholar 

  9. Farooq, U., Tariq, N., Asim, M., Baker, T., Al-Shamma’a, A.: Machine learning and the internet of things security: solutions and open challenges. J. Parallel Distrib. Comput. 162, 89–104 (2022)

    Article  Google Scholar 

  10. Pant, S., Sharma, M., Sharma, D.K., Gupta, D., Rodrigues, J.J.P.C.: Enforcing intelligent learning-based security in internet of everything. IEEE Internet Things J. 10(4), 3071–3078 (2023). https://doi.org/10.1109/JIOT.2021.3097951

    Article  Google Scholar 

  11. Zhang, K., Ying, H., Dai, H.N., Li, L., Peng, Y., Guo, K., Yu, H.: Compacting deep neural networks for internet of things: methods and applications. IEEE Internet Things J. 8(15), 11935–11959 (2021)

    Article  Google Scholar 

  12. Mao, K., Srivastava, G., Parizi, R.M., Khan, M.S.: Multi-source fusion for weak target images in the Industrial Internet of Things. Comput. Commun. 173, 150–159 (2021)

    Article  Google Scholar 

  13. Mothukuri, V., Khare, P., Parizi, R.M., Pouriyeh, S., Dehghantanha, A., Srivastava, G.: Federated-learning-based anomaly detection for iot security attacks. IEEE Internet Things J. 9(4), 2545–2554 (2021)

    Article  Google Scholar 

  14. Sisinni, E., Saifullah, A., Han, S., Jennehag, U., Gidlund, M.: Industrial internet of things: challenges, opportunities, and directions. IEEE Trans. Ind. Inf. 14(11), 4724–4734 (2018)

    Article  Google Scholar 

  15. Namasudra, S.: An improved attribute‐based encryption technique towards the data security in cloud computing. Concurrency and Computation: Practice and Experience 31, no. 3: e4364 (2019)

  16. Namasudra, S.: Fast and secure data accessing by using DNA computing for the cloud environment. IEEE Trans. Serv. Comput. 15(4), 2289–2300 (2020)

    Article  Google Scholar 

  17. Namasudra, S., Devi, D., Kadry, S., Sundarasekar, R., Shanthini, A.: Towards DNA based data security in the cloud computing environment. Comput. Commun. 151, 539–547 (2020)

    Article  Google Scholar 

  18. Balan, K., Abdulrazak, L.F., Khan, A.S., Julaihi, A.A., Tarmizi, S., Pillay, K.S., Sallehudin, H.: RSSI and public key infrastructure based secure communication in autonomous vehicular networks. Int. J. Adv. Comput. Sci. Appl. 9(12) (2018)

  19. Soe, Y.N., Feng, Y., Santosa, P.I., Hartanto, R., Sakurai, K.: Machine learning-based IoT-botnet attack detection with sequential architecture. Sensors 20(16), 4372 (2020).

    Article  Google Scholar 

  20. Gauthama Raman, M.R., Somu, N., Jagarapu, S., Manghnani, T., Selvam, T., Krithivasan, K., Shankar Sriram, V.S.: An efficient intrusion detection technique based on support vector machine and improved binary gravitational search algorithm. Artif. Intell. Rev. 53, 3255–3286 (2020)

    Article  Google Scholar 

  21. Sarker, I.H., Abushark, Y.B., Alsolami, F., Khan, A.I.: IntruDTree: a machine learning based cyber security intrusion detection model. Symmetry 12(5), 754 (2020). https://doi.org/10.3390/sym12050754

    Article  Google Scholar 

  22. Sarker, I.H.: CyberLearning: effectiveness analysis of machine learning security modeling to detect cyber-anomalies and multi-attacks. Internet Things 14, 100393 (2021)

    Article  Google Scholar 

  23. Alharbi, A., Alosaimi, W., Alyami, H., Rauf, H.T., Damaševičius, R.: Botnet attack detection using local global best bat algorithm for industrial internet of things. Electronics 10(11), 1341 (2021)

    Article  Google Scholar 

  24. Rajagopal, S., Kundapur, P.P., Hareesha, K.S.: A stacking ensemble for network intrusion detection using heterogeneous datasets. Secur. Commun. Netw. 2020, 1–9 (2020)

    Article  Google Scholar 

  25. Bedi, P., Mewada, S., Vatti, R.A., Singh, C., Dhindsa, K.S., Ponnusamy, M., Sikarwar, R.: Detection of attacks in IoT sensors networks using machine learning algorithm. Microprocess. Microsyst. 82, 103814 (2021)

    Article  Google Scholar 

  26. Almiani, M., AbuGhazleh, A., Al-Rahayfeh, A., Atiewi, S., Razaque, A.: Deep recurrent neural network for IoT intrusion detection system. Simul. Model. Pract. Theory 101, 102031 (2020)

    Article  Google Scholar 

  27. Parra, G.D.L.T., Rad, P., Choo, K.K.R., Beebe, N.: Detecting Internet of Things attacks using distributed deep learning. J. Netw. Comput. Appl. 163, 102662 (2020)

    Article  Google Scholar 

  28. Alhowaide, A., Alsmadi, I., Tang, J.: Ensemble detection model for IoT IDS. Internet Things 16, 100435 (2021)

    Article  Google Scholar 

  29. Ahmad, Z., Shahid Khan, A., Nisar, K., Haider, I., Hassan, R., Haque, M.R., Tarmizi, S., Rodrigues, J.J.: Anomaly detection using deep neural network for IoT architecture. Appl. Sci. 11(15), 7050 (2021)

    Article  Google Scholar 

  30. Abu Al-Haija, Q., Al-Dala’ien, M.A.: ELBA-IoT: an ensemble learning model for botnet attack detection in IoT networks. J. Sens. Actuator Netw. 11(1), 18 (2022)

    Article  Google Scholar 

  31. Alzahrani, M.Y., Bamhdi, A.M.: Hybrid deep-learning model to detect botnet attacks over internet of things environments. Soft. Comput. 26(16), 7721–7735 (2022)

    Article  Google Scholar 

  32. Rey, V., Sánchez, P.M.S., Celdrán, A.H., Bovet, G.: Federated learning for malware detection in iot devices. Comput. Netw. 204, 108693 (2022)

    Article  Google Scholar 

  33. Lopez-Martin, M., Carro, B., Sanchez-Esguevillas, A., Lloret, J.: Network traffic classifier with convolutional and recurrent neural networks for Internet of Things. IEEE Access 5, 18042–18050 (2017)

    Article  Google Scholar 

  34. Azmoodeh, A., Dehghantanha, A., Choo, K.K.R.: Robust malware detection for internet of (battlefield) things devices using deep eigenspace learning. IEEE Trans. Sustain. Comput. 4(1), 88–95 (2018)

    Article  Google Scholar 

  35. Tama, B.A., Comuzzi, M., Rhee, K.H.: TSE-IDS: a two-stage classifier ensemble for intelligent anomaly-based intrusion detection system. IEEE access 7, 94497–94507 (2019)

    Article  Google Scholar 

  36. Siddiqui, A.J., Boukerche, A.: TempoCode-IoT: temporal codebook-based encoding of flow features for intrusion detection in Internet of Things. Clust. Comput. 24, 17–35 (2021)

    Article  Google Scholar 

  37. Labiod, Y., Amara Korba, A., Ghoualmi, N.: Fog computing-based intrusion detection architecture to protect iot networks. Wirel. Pers. Commun. 125(1), 231–259 (2022)

    Article  Google Scholar 

  38. Li, Y., Xu, Y., Liu, Z., Hou, H., Zheng, Y., Xin, Y., Zhao, Y., Cui, L.: Robust detection for network intrusion of industrial IoT based on multi-CNN fusion. Measurement 154, 107450 (2020)

    Article  Google Scholar 

  39. Alzubi, J.A., Manikandan, R., Alzubi, O.A., Gayathri, N., Patan, R.: A survey of specific IoT applications. Int. J. Emerging Technol. 10(1), 47–53 (2019)

    Google Scholar 

  40. Alzubi, O.A., Alzubi, J.A., Dorgham, O., Alsayyed, M.: Cryptosystem design based on Hermitian curves for IoT security. J. Supercomput. 76, 8566–8589 (2020)

    Article  Google Scholar 

  41. Gheisari, M., Najafabadi, H.E., Alzubi, J.A., Gao, J., Wang, G., Abbasi, A.A., Castiglione, A.: OBPP: an ontology-based framework for privacy-preserving in IoT-based smart city. Fut. Gen. Comput. Syst. 123, 1–13 (2021)

    Article  Google Scholar 

  42. Alzubi, J.A., Manikandan, R., Alzubi, O.A., Qiqieh, I., Rahim, R., Gupta, D., Khanna, A.: Hashed Needham Schroeder industrial IoT based cost optimized deep secured data transmission in cloud. Measurement 150, 107077 (2020)

    Article  Google Scholar 

  43. Shaikh, S., Rupa, C., Srivastava, G., Gadekallu, T.R.: Botnet attack intrusion detection in IoT enabled automated guided vehicles. In: 2022 IEEE International Conference on Big Data (Big Data), pp. 6332–6336. IEEE (2022)

  44. Gadekallu, T.R., Kumar, N., Baker, T., Natarajan, D., Boopathy, P., Maddikunta, P.K.R.: Moth flame optimization based ensemble classification for intrusion detection in intelligent transport system for smart cities. Microprocess. Microsyst. 103, 104935 (2023)

    Article  Google Scholar 

  45. Alzubi, J.A., Alzubi, O.A., Singh, A., Ramachandran, M.: Cloud-IIoT-based electronic health record privacy-preserving by CNN and blockchain-enabled federated learning. IEEE Trans. Ind. Inf. 19(1), 1080–1087 (2022)

    Article  Google Scholar 

  46. Alsaedi, A., Moustafa, N., Tari, Z., Mahmood, A., Anwar, A.: TON_IoT telemetry dataset: a new generation dataset of IoT and IIoT for data-driven intrusion detection systems. IEEE Access 8, 165130–165150 (2020)

    Article  Google Scholar 

  47. Jo, W., Kim, S., Lee, C., Shon, T.: Packet preprocessing in CNN-based network intrusion detection system. Electronics 9(7), 1151 (2020)

    Article  Google Scholar 

  48. Yao, R., Wang, N., Liu, Z., Chen, P., Sheng, X.: Intrusion detection system in the advanced metering infrastructure: a cross-layer feature-fusion CNN-LSTM-based approach. Sensors 21(2), 626 (2021)

    Article  Google Scholar 

  49. Albawi, S., Mohammed, T.A., Al-Zawi, S.: Understanding of a convolutional neural network. In: 2017 International Conference on Engineering and Technology (ICET), pp. 1–6 (2017). https://doi.org/10.1109/ICEngTechnol.2017.8308186

  50. Mirsky, Y., Doitshman, T., Elovici, Y., Shabtai, A.: Kitsune: an ensemble of autoencoders for online network intrusion detection. In: Network and Distributed System Security (NDSS) Symposium, San Diego, CA, USA (2018)

  51. Sarker, I.H., Kayes, A.S.M., Watters, P.: Effectiveness analysis of machine learning classification models for predicting personalized context-aware smartphone usage. J. Big Data 6(1), 1–28 (2019)

    Article  Google Scholar 

  52. Mazini, M., Shirazi, B., Mahdavi, I.: Anomaly network-based intrusion detection system using a reliable hybrid artificial bee colony and AdaBoost algorithms. J. King Saud Univer.-Comput. Inf. Sci. 31(4), 541–553 (2019)

    Google Scholar 

  53. Baby, R., Pooranian, Z., Shojafar, M., Tafazolli, R.: A heterogenous IoT attack detection through deep reinforcement learning: a dynamic ML approach. In: ICC 2023-IEEE International Conference on Communications, pp. 479–484. IEEE (2023)

  54. CU, O.K., Pranavi, D., Laxmi, B.A., Devasena, R.: Variational autoencoder for IoT botnet detection. In: Using Computational Intelligence for the Dark Web and Illicit Behavior Detection, pp. 74–88. IGI Global (2022)

  55. Shafiq, U., Shahzad, M.K., Anwar, M., Shaheen, Q., Shiraz, M., Gani, A.: Transfer learning auto-encoder neural networks for anomaly detection of DDoS generating IoT devices. Secur Commun Networks 2022, 1–13 (2022)

    Google Scholar 

  56. Cunha, A.A., Borges, J.B., Loureiro, A.A.F.: Classification of botnet attacks in IoT using a convolutional neural network. In: Proceedings of the 18th ACM International Symposium on QoS and Security for Wireless and Mobile Networks, pp. 63–70 (2022)

  57. Hezam, A.A., Mostafa, S.A., Ramli, A.A., Mahdin, H., Khalaf, B.A.: Deep learning approach for detecting botnet attacks in IoT environment of multiple and heterogeneous sensors. In: Advances in Cyber Security: Third International Conference, ACeS 2021, Penang, Malaysia, August 24–25, 2021, Revised Selected Papers 3, pp. 317-328. Springer, Singapore (2021)

  58. Alkahtani, H., Aldhyani, T.H.: Botnet attack detection by using CNN-LSTM model for Internet of Things applications. Secur. Commun. Netw. 2021, 1–23 (2021)

    Article  Google Scholar 

  59. Hasan, T., Malik, J., Bibi, I., Khan, W.U., Al-Wesabi, F.N., Dev, K., Huang, G.: Securing industrial internet of things against botnet attacks using hybrid deep learning approach. IEEE Trans. Netw. Sci. Eng. 10, 2952–2963 (2022)

    Article  Google Scholar 

  60. Haq, M.A.: DBoTPM: a deep neural network-based botnet prediction model. Electronics 12(5), 1159 (2023)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Delhi Technological University, New Delhi, India

    Himanshu Nandanwar & Rahul Katarya

Authors
  1. Himanshu Nandanwar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rahul Katarya
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

All authors contributed equally in data curation, methodology, visualization, writing—original draft.

Corresponding author

Correspondence to Rahul Katarya.

Ethics declarations

Competing interests

The authors declare no competing interests.

Conflict of interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Research data policy and data availability statements

Dataset is publicly available on the repository.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Nandanwar, H., Katarya, R. TL-BILSTM IoT: transfer learning model for prediction of intrusion detection system in IoT environment. Int. J. Inf. Secur. 23, 1251–1277 (2024). https://doi.org/10.1007/s10207-023-00787-8

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-023-00787-8

Keywords

Search

Navigation