A FeedForward–Convolutional Neural Network to detect low-rate DoS in IoT
The lack of standardization and the heterogeneous nature of the Internet of Things (IoT) has exacerbated the issue of security and privacy. In literature, to improve security at the network layer of the IoT architecture, the possibility of using Software-Defined Networking (SDN) was explored. SDN is...
Saved in:
| Main Authors: | , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | English |
| Published: |
2023
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/167102 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-167102 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1671022023-05-12T15:41:11Z A FeedForward–Convolutional Neural Network to detect low-rate DoS in IoT Ilango, Harun Surej Ma, Maode Su, Rong School of Electrical and Electronic Engineering Engineering Engineering::Electrical and electronic engineering Engineering::Electrical and electronic engineering::Wireless communication systems Engineering::Computer science and engineering::Computing methodologies::Artificial intelligence Internet of Things Software-Defined Networking Deep Learning Low-Rate DoS Attacks CIC DoS 2017 Anomaly Detection Network Security The lack of standardization and the heterogeneous nature of the Internet of Things (IoT) has exacerbated the issue of security and privacy. In literature, to improve security at the network layer of the IoT architecture, the possibility of using Software-Defined Networking (SDN) was explored. SDN is also plagued by network threats that affect conventional networks. One such threat to a network is the Low-Rate Denial of Service (LR DoS) attack, where the attacker sends precise traffic bursts that force a TCP flow to enter a retransmission timeout state. LR DoS attacks are difficult to detect as their attack signature is similar to benign network traffic. The existing AI-based detection algorithms in the literature are signature-based, and their efficacy in detecting unknown LR DoS attacks was not explored. In this work, an AI-based anomaly detection scheme called FeedForward–Convolutional Neural Network (FFCNN) is proposed to detect LR DoS attacks in IoT-SDN. The Canadian Institute of Cybersecurity Denial of Service 2017 (CIC DoS 2017) dataset is used for the study. An iterative wrapper-based feature selection using Support Vector Machine (SVM) is used to derive the significant features required for detection. The performance of FFCNN is compared to the machine learning algorithms-J48, Random Forest, Random Tree, REP Tree, SVM, and Multi-Layer Perceptron (MLP). The performance of the models is measured using the metrics accuracy, precision, recall, F1 score, detection time per flow, and ROC curves. The empirical analysis shows that FFCNN outperforms other machine learning algorithms on all metrics. Agency for Science, Technology and Research (A*STAR) Published version This research is supported by A*STAR, Singapore under its RIE2020 Advanced Manufacturing and Engineering (AME) Industry Alignment Fund – Pre Positioning (IAF-PP) (Award A19D6a0053). Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not reflect the views of A*STAR. Open Access funding provided by the Qatar National Library. 2023-05-11T05:01:10Z 2023-05-11T05:01:10Z 2022 Journal Article Ilango, H. S., Ma, M. & Su, R. (2022). A FeedForward–Convolutional Neural Network to detect low-rate DoS in IoT. Engineering Applications of Artificial Intelligence, 114, 105059-. https://dx.doi.org/10.1016/j.engappai.2022.105059 0952-1976 https://hdl.handle.net/10356/167102 10.1016/j.engappai.2022.105059 2-s2.0-85132754926 114 105059 en A19D6a0053 Engineering Applications of Artificial Intelligence © 2022 Qatar University. Published by Elsevier Ltd. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/). application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Engineering Engineering::Electrical and electronic engineering Engineering::Electrical and electronic engineering::Wireless communication systems Engineering::Computer science and engineering::Computing methodologies::Artificial intelligence Internet of Things Software-Defined Networking Deep Learning Low-Rate DoS Attacks CIC DoS 2017 Anomaly Detection Network Security |
| spellingShingle |
Engineering Engineering::Electrical and electronic engineering Engineering::Electrical and electronic engineering::Wireless communication systems Engineering::Computer science and engineering::Computing methodologies::Artificial intelligence Internet of Things Software-Defined Networking Deep Learning Low-Rate DoS Attacks CIC DoS 2017 Anomaly Detection Network Security Ilango, Harun Surej Ma, Maode Su, Rong A FeedForward–Convolutional Neural Network to detect low-rate DoS in IoT |
| description |
The lack of standardization and the heterogeneous nature of the Internet of Things (IoT) has exacerbated the issue of security and privacy. In literature, to improve security at the network layer of the IoT architecture, the possibility of using Software-Defined Networking (SDN) was explored. SDN is also plagued by network threats that affect conventional networks. One such threat to a network is the Low-Rate Denial of Service (LR DoS) attack, where the attacker sends precise traffic bursts that force a TCP flow to enter a retransmission timeout state. LR DoS attacks are difficult to detect as their attack signature is similar to benign network traffic. The existing AI-based detection algorithms in the literature are signature-based, and their efficacy in detecting unknown LR DoS attacks was not explored. In this work, an AI-based anomaly detection scheme called FeedForward–Convolutional Neural Network (FFCNN) is proposed to detect LR DoS attacks in IoT-SDN. The Canadian Institute of Cybersecurity Denial of Service 2017 (CIC DoS 2017) dataset is used for the study. An iterative wrapper-based feature selection using Support Vector Machine (SVM) is used to derive the significant features required for detection. The performance of FFCNN is compared to the machine learning algorithms-J48, Random Forest, Random Tree, REP Tree, SVM, and Multi-Layer Perceptron (MLP). The performance of the models is measured using the metrics accuracy, precision, recall, F1 score, detection time per flow, and ROC curves. The empirical analysis shows that FFCNN outperforms other machine learning algorithms on all metrics. |
| author2 |
School of Electrical and Electronic Engineering |
| author_facet |
School of Electrical and Electronic Engineering Ilango, Harun Surej Ma, Maode Su, Rong |
| format |
Article |
| author |
Ilango, Harun Surej Ma, Maode Su, Rong |
| author_sort |
Ilango, Harun Surej |
| title |
A FeedForward–Convolutional Neural Network to detect low-rate DoS in IoT |
| title_short |
A FeedForward–Convolutional Neural Network to detect low-rate DoS in IoT |
| title_full |
A FeedForward–Convolutional Neural Network to detect low-rate DoS in IoT |
| title_fullStr |
A FeedForward–Convolutional Neural Network to detect low-rate DoS in IoT |
| title_full_unstemmed |
A FeedForward–Convolutional Neural Network to detect low-rate DoS in IoT |
| title_sort |
feedforward–convolutional neural network to detect low-rate dos in iot |
| publishDate |
2023 |
| url |
https://hdl.handle.net/10356/167102 |
| _version_ |
1770563503600435200 |