Abstract
One of the most critical features of the Internet of Things (IoT) is that it allows a massive number of devices (for example cars, smoke alarms, watches, glasses, and web cameras) to communicate with each other at the same time. Given that these devices can connect to the Internet, the huge demand to convert systems into smart systems that can be controlled remotely increases the chances that cyber-attacks threatening security and availability become more frequent, more severe, and take different forms. Distributed Denial of Service (DDoS) attacks have become the most common threats in IoT. These attacks make IoT systems unreliable because complex DDoS attacks cannot be detected by traditional security countermeasures such as firewalls and intrusion detection systems (IDS). In this research, we proposed a model dedicated to the prediction and detection of DDoS attacks on IoT networks. We ran this model on the NF-BoT-IoT-v2 dataset, which contains 37,763,497 records divided into five categories (Benign, Reconnaissance, DDoS, DoS, and Theft), and then processed the dataset to be more business friendly so that it has only two categories (100,000 records, broken down into 23,906 benign records and 76,094 DDoS attack records). This study used the WEKA and MATLAB tools to perform the classification efficiently and to find the most important features through feature selection. We used a decision tree (J48) machine learning classifier, a Naive Bayes (NB) classifier, and a random forest (RF) classifier. The results were as expected, with improved accuracy and efficiency.
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Mughaid, A. et al. (2023). Utilizing Machine Learning Algorithms for Effectively Detection IoT DDoS Attacks. In: Daimi, K., Al Sadoon, A. (eds) Proceedings of the 2023 International Conference on Advances in Computing Research (ACR’23). ACR 2023. Lecture Notes in Networks and Systems, vol 700. Springer, Cham. https://doi.org/10.1007/978-3-031-33743-7_49
DOI: https://doi.org/10.1007/978-3-031-33743-7_49
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-33742-0
Online ISBN: 978-3-031-33743-7
eBook Packages: Intelligent Technologies and Robotics (R0)