Abstract
The Internet of Things (IoT) has developed rapidly and been integrated with a variety of domains. Such a technology allows devices to send, receive, and process data without human involvement. Even though IoT has been widely adopted in several critical domains because it facilitates human life and improves quality of service, its security and privacy issues remain a major challenge. As a relief, an anomaly-based Intrusion Detection System (IDS) can be deployed as a security function to safeguard IoT networks from a diverse range of cyber-attacks. In this paper, an anomaly-based IDS is proposed to overcome a diverse range of cyber-attacks in IoT environments. The proposed method uses the kernel principal component analysis technique to minimize the dimension of data features and to improve the anomaly detection performance. We employ the kernel extreme learning machine to determine whether the traffic flow is benign or malicious for binary classification, and to classify the group of attacks to its specific type for multiclass classification. To validate the efficacy of the proposed anomaly detection method, two modern datasets are used to evaluate and analyze the performance results. The evaluation results demonstrate that the proposed anomaly detection approach can effectively improve the detection efficiency and significantly enhance the detection performance results in terms of accuracy rate, specificity rate, sensitivity rate, F1-score, and the area under curve.
Similar content being viewed by others
References
Ahmad M, Riaz Q, Zeeshan M, Tahir H, Haider SA, Khan MS (2021) Intrusion detection in internet of things using supervised machine learning based on application and transport layer features using UNSW-NB15 data-set. EURASIP J Wirel Commun Netw 2021:10. https://doi.org/10.1186/s13638-021-01893-8
Alanazi M, Aljuhani A (2022) Anomaly detection for Internet of Things cyberattacks. Computers, Materials & Continua 72:261–279
Alharbi A, Alosaimi W, Alyami H, Rauf HT, Damaševičius R (2021) Botnet attack detection using local global best bat algorithm for industrial internet of things. Electronics 10:1341. https://doi.org/10.3390/electronics10111341
Al-Hawawreh M, Moustafa N, Sitnikova E (2018) Identification of malicious activities in industrial internet of things based on deep learning models. J Inf Secur Appl 41:1–11. https://doi.org/10.1016/j.jisa.2018.05.002
Aljuhani A (2021) Machine learning approaches for combating distributed denial of service attacks in modern networking environments. IEEE Access 9:42236–42264. https://doi.org/10.1109/ACCESS.2021.3062909
Bacha S, Taouali O (2022) A novel machine learning approach for breast cancer diagnosis. Measurement 187:110233. https://doi.org/10.1016/j.measurement.2021.110233
Barata JCA, Hussein MS (2012) The moore–penrose pseudoinverse: a tutorial review of the theory. Braz J Phys 42:146–165. https://doi.org/10.1007/s13538-011-0052-z
Chang X, Nie F, Wang S, Yang Y, Zhou X, Zhang C (2015) Compound rank-k projections for bilinear analysis. IEEE Trans Neural Netw Learn Syst 27:1502–1513. https://doi.org/10.1109/TNNLS.2015.2441735
Chen K, Yao L, Zhang D, Wang X, Chang X, Nie F (2019) A semisupervised recurrent convolutional attention model for human activity recognition. IEEE Trans Neural Netw Learn Syst 31:1747–1756. https://doi.org/10.1109/TNNLS.2019.2927224
Da Costa KAP, Papa JP, Lisboa CO, Munoz R, De Albuquerque VHC (2019) Internet of things: a survey on machine learning-based intrusion detection approaches. Comput Netw 151:147–157. https://doi.org/10.1016/j.comnet.2019.01.023
Eskandari M, Janjua ZH, Vecchio M, Antonelli F (2020) Passban IDS: an intelligent anomaly-based intrusion detection system for IoT edge devices. IEEE Internet Things J 7:6882–6897. https://doi.org/10.1109/JIOT.2020.2970501
Gamage S, Samarabandu J (2020) Deep learning methods in network intrusion detection: a survey and an objective comparison. J Netw Comput Appl 169:102767. https://doi.org/10.1016/j.jnca.2020.102767
Kasongo SM, Sun Y (2020) Performance analysis of intrusion detection systems using a feature selection method on the UNSW-NB15 dataset. J Big Data 7:105. https://doi.org/10.1186/s40537-020-00379-6
Khan MA, Salah K (2018) IoT security: review, blockchain solutions, and open challenges. Future Gener Comput Syst 82:395–411. https://doi.org/10.1016/j.future.2017.11.022
Kumar V, Sinha D, Das AK, Pandey SC, Goswami RT (2020) An integrated rule based intrusion detection system: analysis on UNSW-NB15 data set and the real time online dataset. Clust Comput 23:1397–1418. https://doi.org/10.1007/s10586-019-03008-x
Kumar R, Mishra BK, Pattnaik PK (2021) Next generation of internet of things. Springer, Singapore
Luo M, Chang X, Nie L, Yang Y, Hauptmann AG, Zheng Q (2017) An adaptive semisupervised feature analysis for video semantic recognition. IEEE Trans Cybern 48:648–660. https://doi.org/10.1109/TCYB.2017.2647904
Makhdoom I, Abolhasan M, Lipman J, Liu RP, Ni W (2018) Anatomy of threats to the internet of things. IEEE Commun Surv Tutor 21:1636–1675. https://doi.org/10.1109/COMST.2018.2874978
Manimurugan S (2021) IoT-Fog-Cloud model for anomaly detection using improved Naïve Bayes and principal component analysis. J Ambient Intell Humaniz Comput. https://doi.org/10.1007/s12652-020-02723-3
Meidan Y, Bohadana M, Mathov Y, Mirsky Y, Shabtai A, Breitenbacher D, Elovici Y (2018) N-BaIoT—network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Comput 17:12–22. https://doi.org/10.1109/MPRV.2018.03367731
Moustafa N, Slay J (2015) UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 military communications and information systems conference (MilCIS). IEEE, Canberra, ACT, Australia, pp 1–6
Paloalto (2020) 2020 Unit 42 IoT threat report. https://unit42.paloaltonetworks.com/iot-threat-report-2020/. Accessed 10 March 2020
Ren P, Xiao Y, Chang X, Huang P-Y, Li Z, Chen X, Wang X (2020) A comprehensive survey of neural architecture search: challenges and solutions. arXiv preprint arXiv:2006.02903
Schölkopf B, Smola A, Müller K (1998) Nonlinear component analysis as a kernel eigenvalue problem. Neural Comput 10:1299–1319. https://doi.org/10.1162/089976698300017467
Soe YN, Feng Y, Santosa PI, Hartanto R, Sakurai K (2020) Machine learning-based IoT-botnet attack detection with sequential architecture. Sensors 20:4372. https://doi.org/10.3390/s20164372
Tama BA, Nkenyereye L, Islam SMR, Kwak KS (2020) An enhanced anomaly detection in web traffic using a stack of classifier ensemble. IEEE Access 8:24120–24134. https://doi.org/10.1109/ACCESS.2020.2969428
Taouali O, Jaffel I, Lahdhiri H, Harkat MF, Messaoud H (2016) New fault detection method based on reduced kernel principal component analysis (RKPCA). Int J Adv Manuf Technol 85:1547–1552. https://doi.org/10.1007/s00170-015-8059-1
Tun MT, Nyaung DE, Phyu MP (2020) Network anomaly detection using threshold-based sparse. In: Proceedings of the 11th international conference on advances in information technology. Association for Computing Machinery, Bangkok, Thailand, pp Article 21
Verma A, Ranga V (2020) Machine learning based intrusion detection systems for IoT applications. Wirel Pers Commun 111:2287–2310. https://doi.org/10.1007/s11277-019-06986-8
Wang Q (2012) Kernel principal component analysis and its applications in face recognition and active shape models. arXiv preprint arXiv:1207.3538
Wang R, Nie F, Hong R, Chang X, Yang X, Yu W (2017) Fast and orthogonal locality preserving projections for dimensionality reduction. IEEE Trans Image Process 26:5019–5030. https://doi.org/10.1109/TIP.2017.2726188
Xiao L, Wan X, Lu X, Zhang Y, Wu D (2018) IoT security techniques based on machine learning: how do IoT devices use AI to enhance security? IEEE Signal Process Mag 35:41–49. https://doi.org/10.1109/MSP.2018.2825478
Yan C, Chang X, Luo M, Zheng Q, Zhang X, Li Z, Nie F (2020) Self-weighted robust LDA for multiclass classification with edge classes. ACM Trans Intell Syst Technol 12:1–19. https://doi.org/10.1145/3418284
Yan C, Chang X, Li Z, Guan W, Ge Z, Zhu L, Zheng Q (2021) ZeroNAS: differentiable generative adversarial networks search for zero-shot learning. IEEE Trans Pattern Anal Mach Intell. https://doi.org/10.1109/TPAMI.2021.3127346
Zhang D, Yao L, Chen K, Wang S, Chang X, Liu Y (2019) Making sense of spatio-temporal preserving representations for EEG-based human intention recognition. IEEE Trans Cybern 50:3033–3044. https://doi.org/10.1109/TCYB.2019.2905157
Zhou W, Jia Y, Peng A, Zhang Y, Liu P (2018) The effect of IoT new features on security and privacy: new threats, existing solutions, and challenges yet to be solved. IEEE Internet Things J 6:1606–1616. https://doi.org/10.1109/JIOT.2018.2847733
Zhou R, Chang X, Shi L, Shen YD, Yang Y, Nie F (2019) Person reidentification via multi-feature fusion with adaptive graph learning. IEEE Trans Neural Netw Learn Syst 31:1592–1601. https://doi.org/10.1109/TNNLS.2019.2920905
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Bacha, S., Aljuhani, A., Abdellafou, K.B. et al. Anomaly-based intrusion detection system in IoT using kernel extreme learning machine. J Ambient Intell Human Comput 15, 231–242 (2024). https://doi.org/10.1007/s12652-022-03887-w
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-022-03887-w