Abstract
The Internet of Things (IoT) interconnects billions of sensors and actuators to serve a meaningful purpose. However, it remains vulnerable to a variety of threats, which makes IoT security a major concern in the research field. Among the tools developed to mitigate these security issues, intrusion detection systems (IDS) have gained much attention in the research community due to their critical role in maintaining network security. In this work, we integrate a network IDS (NIDS) to enhance IoT security. This paper presents a network intrusion detection model for IoT environments using a K-Nearest Neighbors (K-NN) classifier and feature selection. We built the NIDS using the K-NN algorithm to improve the IDS accuracy (ACC) and detection rate (DR). Furthermore, principal component analysis (PCA), a univariate statistical test, and a genetic algorithm (GA) are each used separately for feature selection, to improve the data quality and select the ten best-performing features. The performance of our model is evaluated on the Bot-IoT dataset. After applying feature selection, the models showed promising results regarding ACC, DR, false alarm rate (FAR), and prediction time. Our proposed model provided 99.99% ACC and maintained its superior performance with the ten selected features. Furthermore, we calculated the prediction time, as we consider it critical in building IDS for IoT, and by applying feature selection, we reduced it significantly from 51,182.22 s to under a minute. This novel model presents many advantages and reliable performance compared with previous models relying on the same dataset.
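The pipeline the abstract describes (univariate feature selection down to ten features, then K-NN, scored by ACC, DR and FAR), as an added example that is not the authors' code. It runs on constructed Gaussian flow records rather than Bot-IoT; the function names, k=5 neighbours and the two-class F statistic as the univariate test are assumptions made for illustration.

```python
import random
from statistics import mean, pvariance

def make_flows(n, n_feat=30, n_informative=10, seed=7):
    """Constructed stand-in for labelled flow records (not Bot-IoT data)."""
    rng = random.Random(seed)
    X, y = [], []
    for _ in range(n):
        label = rng.randint(0, 1)  # 1 = attack, 0 = normal
        # Only the first n_informative features shift under attack.
        X.append([rng.gauss(3.0 * label if j < n_informative else 0.0, 1.0)
                  for j in range(n_feat)])
        y.append(label)
    return X, y

def f_score(col, y):
    """Univariate two-class ANOVA F statistic for a single feature."""
    g0 = [v for v, l in zip(col, y) if l == 0]
    g1 = [v for v, l in zip(col, y) if l == 1]
    m = mean(col)
    between = len(g0) * (mean(g0) - m) ** 2 + len(g1) * (mean(g1) - m) ** 2
    within = len(g0) * pvariance(g0) + len(g1) * pvariance(g1)
    return between / (within / (len(col) - 2))

def select_k_best(X, y, k=10):
    """Indices of the k features with the highest F statistic."""
    scores = [f_score([row[j] for row in X], y) for j in range(len(X[0]))]
    return sorted(sorted(range(len(scores)), key=lambda j: -scores[j])[:k])

def knn_predict(train_X, train_y, x, k=5):
    """Majority vote among the k nearest training rows (squared Euclidean)."""
    dist = lambda i: sum((a - b) ** 2 for a, b in zip(train_X[i], x))
    nearest = sorted(range(len(train_X)), key=dist)[:k]
    return int(2 * sum(train_y[i] for i in nearest) > k)

def evaluate(k_feat=10):
    X, y = make_flows(400)
    tr_X, tr_y, te_X, te_y = X[:300], y[:300], X[300:], y[300:]
    cols = select_k_best(tr_X, tr_y, k_feat)  # fitted on the training split only
    keep = lambda rows: [[r[j] for j in cols] for r in rows]
    tr_P = keep(tr_X)
    pairs = [(knn_predict(tr_P, tr_y, x), t) for x, t in zip(keep(te_X), te_y)]
    tp, tn, fp, fn = (sum(1 for p, t in pairs if (p, t) == c)
                      for c in ((1, 1), (0, 0), (1, 0), (0, 1)))
    return {"features": cols, "ACC": (tp + tn) / len(pairs),
            "DR": tp / (tp + fn), "FAR": fp / (fp + tn)}

if __name__ == "__main__":
    print(evaluate())
```

Fitting the selector on the training split only keeps test labels out of the feature ranking, which would otherwise inflate the reported ACC and DR.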
Data availability
Assessments and experimental results, obtained using the Anaconda 3 IDE, are available and will be shared with authors at https://sites-Google.com/umi.ac.ma/azrour.
Funding
This research work was not funded and received no financial support. We did this research work as professors of computer sciences and mathematics at universities.
Ethics declarations
Conflicts of interests/competing interests
Also, we declare that we have no conflict of interest.
About this article
Cite this article
Mohy-eddine, M., Guezzaz, A., Benkirane, S. et al. An efficient network intrusion detection model for IoT security using K-NN classifier and feature selection. Multimed Tools Appl 82, 23615–23633 (2023). https://doi.org/10.1007/s11042-023-14795-2
DOI: https://doi.org/10.1007/s11042-023-14795-2