Nothing Special   »   [go: up one dir, main page]

skip to main content
10.1145/3339252.3340497acmotherconferencesArticle/Chapter ViewAbstractPublication PagesaresConference Proceedingsconference-collections
research-article

DEMISe: Interpretable Deep Extraction and Mutual Information Selection Techniques for IoT Intrusion Detection

Published: 26 August 2019 Publication History

Abstract

Recent studies have proposed that traditional security technology -- involving pattern-matching algorithms that check predefined pattern sets of intrusion signatures -- should be replaced with sophisticated adaptive approaches that combine machine learning and behavioural analytics. However, machine learning is performance driven, and the high computational cost is incompatible with the limited computing power, memory capacity and energy resources of portable IoT-enabled devices. The convoluted nature of deep-structured machine learning means that such models also lack transparency and interpretability. The knowledge obtained by interpretable learners is critical in security software design. We therefore propose two novel models featuring a common Deep Extraction and Mutual Information Selection (DEMISe) element which extracts features using a deep-structured stacked autoencoder, prior to feature selection based on the amount of mutual information (MI) shared between each feature and the class label. An entropy-based tree wrapper is used to optimise the feature subsets identified by the DEMISe element, yielding the DEMISe with Tree Evaluation and Regression Detection (DETEReD) model. This affords 'white box' insight, and achieves a time to build of 603 seconds, a 99.07% detection rate, and 98.04% model accuracy. When tested against AWID, the best-referenced intrusion detection dataset, the new models achieved a test error comparable to or better than state-of-the-art machine-learning models, with a lower computational cost and higher levels of transparency and interpretability.

References

[1]
V Adat and BB Gupta (2018) Security in Internet of Things: issues, challenges, taxonomy, and architecture. Telecommunication Systems, 67(3), 423--441.
[2]
C Kolias, A Stavrou, J Voas, I Bojanova, and R Kuhn (2016b) Learning Internet-of-Things security "hands-on". IEEE Security & Privacy, 14(1), 37--46.
[3]
W Li, W Meng, and HS Horace (2017). Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management model. Journal of Network and Computer Applications, 77(1), 135--45.
[4]
AL Buczak and E Guven (2016) A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), 1153--76.
[5]
J Cong and B Xiao (2014) Minimizing computation in convolutional neural networks. International conference on artificial neural networks, 15, 281--290.
[6]
T Hamed, R Dara and SC Kremer (2018) Network intrusion detection system based on recursive feature addition and bigram technique. Computers and Security, 73. 137--155.
[7]
E Cho, J Kim and C Hong (2009) Attack model and detection scheme for botnet on 6LoWPAN, 12th Asia-Pacific Network Operations and Management Symposium. Jeju, South Korea, 515--518.
[8]
A Gupta, OJ Pandey, M Shukla, A Dadhich, S Mathur and A Ingle (2013) Computational intelligence based intrusion detection systems for wireless communication and pervasive computing networks, 2013 IEEE International Conference on Computational Intelligence and Computing Research. Tamilnadu, India, 26-28 December, 1--7.
[9]
NK Thanigaivelan, E Nigussie, RK Kanth, S Virtanen and J Isoaho (2016) Distributed internal anomaly detection system for Internet-of-Things, 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC). Las Vegas, USA, 9-12 January, 319--320.
[10]
ME Aminanto, R Choi, HC Tanuwidjaja, PD Yoo and K Kim (2018) Deep abstraction and weighted feature selection for Wi-Fi impersonation detection, IEEE Transactions on Information Forensics and Security, 13(3), 621--636.
[11]
ME Aminanto and K Kim (2017) Detecting impersonation attack in WiFi networks using deep learning approach, Information Security Applications 17th International Workshop. Jeju Island, South Korea, 25-27 August 2016, 136--147.
[12]
C Kolias, G Kambourakis, A Stavrou and S Gritzalis (2016a) Intrusion detection in 802.11 networks: empirical evaluation of threats and a public dataset, IEEE Communication Surveys and Tutorials, 18(1), 184--208.
[13]
A Gharib, I Sharafaldin, AH Lashkari and AA Ghorbani (2017) An evaluation framework for intrusion detection dataset, ICISS 2016, 2016 International Conference on Information Science and Security, Jaipur, India, 16-20 December, 1--5.
[14]
I Witten, E Frank, M Hall and C Pal, 2017 Data mining: practical machine learning tools and techniques (4th ed). Morgan Kaufmann, Cambridge, USA.
[15]
Stanford University (2018) UFLDL tutorial: autoencoders http://ufldl.stanford.edu/tutorial/unsupervised/Autoencoders/
[16]
Z Wang (2015) The applications of deep learning on traffic identification, Black Hat, Las Vegas, USA, 5-6 August.
[17]
G Kesavaraj and S Sukumaran (2013) A study on classification techniques in data mining. 2013 Fourth International Conference on Computing, Communications and Networking Technologies, Tiruchengode, India, 4-6 July, 1--7.
[18]
JR Vergara and PA Estévez (2014) A review of feature selection methods based on mutual information. Neural Computing and Applications, 24(1), 175--186.
[19]
OY Al-Jarrah, O. Y., Alhussein, O., Yoo, P.D., Muhaidat, S., Taha, K. and Kim, K. (2016) Data randomization and cluster-based partitioning for botnet intrusion detection'. IEEE Transactions on Cybernetics, 46(8), pp. 1796--1806.
[20]
A Shabtai, U Kanonov, Y Elovici, C Glezer and Y Weiss (2012) "Andromaly": a behavioral malware detection framework for android devices'. Journal of Intelligent Information Systems, 38(1), 161--190.
[21]
USKPM Thanthrige, J Samarabandu and X Wang (2016) Machine learning techniques for intrusion detection on public dataset. 2016 IEEE Canadian Conference on Electrical and Computer Engineering (CCECE). Vancouver, Canada, 15-18 May, 1--4.
[22]
CE Shannon (1948) A mathematical theory of communication. The Bell System Technical Journal, 27, 379--426
[23]
TM Cover and JA Thomas (2006) Elements of information theory (2nd ed). John Wiley and Sons: Hoboken, USA.
[24]
S Le Cessie and JC Van Houwelingen (1992) Ridge estimators in logistic regression. Applied Statistics, 41(1), 191--201.
[25]
Intel Corporation (2018) Intel® QuarkTM microcontrollers. https://www.intel.com/content/www/us/en/embedded/products/quark/overview.html
[26]
G Egnal (1999) Image registration using mutual information. Technical Report, University of Pennsylvania.
[27]
L Birge and Y Rozenholc (2002) How many bins should be put in a regular histogram. Technical Report, Universite Paris VI, UMR CNRS 7599, Universite du Maine.
[28]
PL Davies, U Gather, D Nordman and H Weinert (1997) Constructing a regular histogram - a comparison of methods. Technical Report, Technical University Eindhoven.
[29]
PA Legg, PL Rosin, D Marshall and JE Morgan (2013) Improving accuracy and efficiency of mutual information for multi-modal retinal image registration using adaptive probability density estimation. Computerized Medical Imaging and Graphics, 37(7-8), 597--606.
[30]
J Dougherty, R Kohavi and M Sahami (1995) Supervised and unsupervised discretization of continuous features. ICML 1995-12th International Conference on Machine Learning. Tahoe City, California, USA, 9-12 July 1995. Morgan Kaufmann: San Francisco, CA, 194--202.
[31]
I Witten, E Frank, M Hall, and C Pal (2017) Data mining: practical machine learning tools and techniques (4th ed). Morgan Kaufmann: Cambridge, USA.

Cited By

View all
  • (2024)Intrusion Detection and Analysis in IoT Devices Using Machine Learning ModelsChallenges in Large Language Model Development and AI Ethics10.4018/979-8-3693-3860-5.ch012(384-409)Online publication date: 30-Aug-2024
  • (2024)Classification Tendency Difference Index Model for Feature Selection and Extraction in Wireless Intrusion DetectionFuture Internet10.3390/fi1601002516:1(25)Online publication date: 12-Jan-2024
  • (2024)Empowering Digital Resilience: Machine Learning-Based Policing Models for Cyber-Attack Detection in Wi-Fi NetworksElectronics10.3390/electronics1313258313:13(2583)Online publication date: 30-Jun-2024
  • Show More Cited By

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences
ARES '19: Proceedings of the 14th International Conference on Availability, Reliability and Security
August 2019
979 pages
ISBN:9781450371643
DOI:10.1145/3339252
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 August 2019

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. IoT
  2. Security mobility applications
  3. deep learning
  4. feature engineering
  5. lightweight intrusion detection
  6. mutual information
  7. security of resource constrained devices
  8. white-box modelling

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

ARES '19

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)17
  • Downloads (Last 6 weeks)1
Reflects downloads up to 21 Nov 2024

Other Metrics

Citations

Cited By

View all
  • (2024)Intrusion Detection and Analysis in IoT Devices Using Machine Learning ModelsChallenges in Large Language Model Development and AI Ethics10.4018/979-8-3693-3860-5.ch012(384-409)Online publication date: 30-Aug-2024
  • (2024)Classification Tendency Difference Index Model for Feature Selection and Extraction in Wireless Intrusion DetectionFuture Internet10.3390/fi1601002516:1(25)Online publication date: 12-Jan-2024
  • (2024)Empowering Digital Resilience: Machine Learning-Based Policing Models for Cyber-Attack Detection in Wi-Fi NetworksElectronics10.3390/electronics1313258313:13(2583)Online publication date: 30-Jun-2024
  • (2024)Intrusion Detection System to detect impersonation attacks in IoT networks2024 International Conference on Intelligent and Innovative Technologies in Computing, Electrical and Electronics (IITCEE)10.1109/IITCEE59897.2024.10467569(1-6)Online publication date: 24-Jan-2024
  • (2024)Cyber Attack Identification System Using Deep Learning2024 5th International Conference on Advancements in Computational Sciences (ICACS)10.1109/ICACS60934.2024.10473266(1-13)Online publication date: 19-Feb-2024
  • (2023)Explainable Artificial Intelligence (XAI) for Internet of Things: A SurveyIEEE Internet of Things Journal10.1109/JIOT.2023.328767810:16(14764-14779)Online publication date: 15-Aug-2023
  • (2023)A Survey on Intrusion Detection System for IoT Networks Based on Artificial Intelligence2023 International Conference on Electrical, Electronics, Communication and Computers (ELEXCOM)10.1109/ELEXCOM58812.2023.10370067(1-6)Online publication date: 26-Aug-2023
  • (2023)EBDM: Ensemble binary detection models for multi-class wireless intrusion detection based on deep neural networkComputers & Security10.1016/j.cose.2023.103419133(103419)Online publication date: Oct-2023
  • (2022)Deep Learning in Diverse Intelligent Sensor Based SystemsSensors10.3390/s2301006223:1(62)Online publication date: 21-Dec-2022
  • (2022)An Adversarial Approach for Intrusion Detection Using Hybrid Deep Learning Model2022 International Conference on Information Technology Research and Innovation (ICITRI)10.1109/ICITRI56423.2022.9970221(18-23)Online publication date: 10-Nov-2022
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media