ABSTRACT

As a tremendous amount of service being streamed online to their users along with massive
digital privacy information transmitted in recent years, the internet has become the backbone
of most people's everyday workflow. The extending usage of the internet, however, also
expands the attack surface for cyberattacks. If no effective protection mechanism is
implemented, the internet will only be much vulnerable, and this will raise the risk of data
getting leaked or hacked. The focus of this paper is to propose an Intrusion Detection System
(IDS) based on the Convolutional Neural Network (CNN) to reinforce the security of the
internet. The proposed IDS model is aimed at detecting network intrusions by classifying all
the packet traffic in the network as benign or malicious classes. The Canadian Institute for
Cybersecurity Intrusion Detection System (CICIDS2017) dataset has been used to train and
validate the proposed model. The model has been evaluated in terms of the overall accuracy,
attack detection rate, false alarm rate, and training overhead. A comparative study of the
proposed model's performance against nine other well-known classifiers has been presented.
 CHAPTER -1
INTRODUCTION

In recent years, the amount of applications that stream services to their users has increased
explosively. This type of service requires minimal installations and computing power on the
user terminal because the applications are operating at the service carrier's cloud servers
instead of the local terminal; all the inputs and outputs are streamed to the users via the
internet. Seeing the obvious advantage of providing high-end service to customers, who are
not able to access high-end devices, many corporations have started to develop their
streaming services. For instance, entertaining service such as Google Stadia makes high-end
gaming, which is typically hardware demanding, now possible on any portable devices with
good internet connectivity. The game is processed and rendered at Google's cloud server with
user's inputs in real time, then the video is streamed back to the user's terminal via the
internet. However, the extensive data exchange at the network between the cloud servers and
local user terminals also expand the attack surface for intrusions. Malicious hackers may
deploy various types of attacks, such as Distributed Denial-of-Service (DDoS), Port Scan and
Infiltration attack to hijack valuable data or make servers unavailable to users. To stop these
cyberattacks from happening, the development of a reliable and effective Intrusion Detection
System (IDS) for cybersecurity has become an urgent issue to be solved.

The idea of the IDS is not new. In 1980, James P. Anderson delineated a type of cyber-
security device or application to monitor the network traffic with the intention to warn the
administrators of any suspicious activities or violations of the system policy [1]. The IDS was
proposed to include tools for the administrators to inspect the audit trails of the network
traffic in a system. By analysing the statistical information of audit trails, system
administrators could hunt for malicious traffic and take further actions to secure the system.
Most traditional IDS use an attack signature database that is created from expert's knowledge,
to cooperate with some predefined decision rules in the program to find out intrusions [2].
In [3], the author claimed that it is easy to develop and understand a signature-based IDS if
the network behavior of the target anomaly activities is known. However, in recent years,
cyberattacks have become more sophisticated, especially the attacks on the systems that are
storing or manipulating sensitive information.
The hand-crafted attack database by experts will obsolete quickly without constant updates.
Another major problem with the signature-based IDS is that they fail to be generalized to
detect innovative attacks that have signatures that are not logged in the signature database. In
short, the attack signature database causes a high storage overhead in order to include the
signature of all the known attacks, making them hard to get implemented or distributed. Also,
matching the incoming data flow with the signatures logged in the dataset could be
computationally expensive.

The Artificial Neural Network (ANN) architecture is a popular solution nowadays for
prediction and classification tasks. There are many advantages of ANN which make it
especially suitable for network intrusion detection [4]. Firstly, ANN performs great at
modelling non-linear data with a large number of input features; for example, network
packets. Secondly, once an ANN is trained, its forward propagation, in other words, the
predictions, are fast. This is crucial for network's speed if the IDS model is placed in-line
with the network traffic. In brief, an ANN is trained by a big dataset to become a generalized
solution for a specific task. The traditional signature-based IDS, on the other hand, is using
manually defined and human-understandable rules for intrusion detection. The ANN
approach relies on a solid mathematics backbone in how the error is backpropagated with the
stochastic gradient descent method to optimize the model [5], [6]. In addition, no predefined
rules are required during the ANN's training process. Meaning that the developers are not
required to possess much expertise in the field of cybersecurity to train an ANN-based IDS.
In addition, since the decision mechanisms of the ANN-based IDS are generalized from the
features of all the known attacks, they have the potential to detect the innovative attacks
sharing similar traits with the known attacks. On the other hand, the signature-based IDS will
fail to detect innovative attacks due to the lack of knowledge on their specific signature.

In this paper, an IDS for cybersecurity based on the Convolutional Neural Network (CNN)
architecture is proposed. Unlike some previously proposed CNN based IDS, which mostly
aiming at one-class or a subset of classes classification [7]–[9]. The proposed IDS has high
performance at multi-class classification, for identifying innovative and all the known attack
classes in a dataset. And compared to some state-of the-art CNN based IDS's that are aiming
at multi-class classification, such as Potluri's work in [10] for classifying the UNSW-NB 15
dataset [11]. The Canadian Institute for Cybersecurity Intrusion Detection System
(CICIDS2017) dataset, used in this paper, is more challenging for a classifier with its larger
feature set and more attack classes that are 59% and 55% more than the UNSW-NB 15
dataset. This paper is structured to include a brief review of some recent research on deep
learning applications at cybersecurity. Then in the model design section, CICIDS2017
database is explored to reveal the design decisions of the custom training and test dataset of
the proposed model. Also, the architecture of the CNN, which is the deep learning model on
which the proposed IDS is based, is discussed and the mathematical details are provided.
Finally, the architecture of the proposed IDS is presented along with its parameter selections.
And the model is evaluated by the defined benchmarks in the simulation result section to
provide performance validation and comparison.

Fig: 1.1 Cyber security

 CHAPTER-2

LITERATURE REVIEW

Prior to the rise of machine and deep learning, the design of the IDS is usually based on
network experts’ knowledge of the attacks. In [12], Ansam Khraisat et al. classified various
kinds of IDS models based on their detecting techniques. In short, the IDS with statistics-
based techniques builds a distribution model for the benign traffic and flag the low
probability events as potential attacks. The IDS with knowledge-based techniques, on the
other hand, creates a knowledge base to reflect the legitimate traffic profile. Afterward, any
action that differs from the standard profile is flagged as an intrusion. Finally, there are IDS
with machine learning techniques. These models mine characteristics of each type of attack
from large quantities of data and classify traffic based on the learned characteristics. In
addition, a survey of the datasets for intrusion detection systems is presented by the authors
in [12]. They explored some public datasets such as Knowledge Discovery Databases (KDD)
Cup’99, Center for Applied Internet Data Analysis (CAIDA), Network Security Laboratory-
Knowledge Discovery Databases (NSL-KDD), and CICIDS2017, and a comparative study of
those IDS datasets, in terms of their feature selection and type of computer attacks, is
presented as well. Finally, the authors provided classification results of the selected datasets
based on their prior research. Specifically, on CICIDS2017, their model that combinedly uses
a Multiplayer Perceptron (MLP) neural network and payload classifier reaches an accuracy of
95.2%.

Machine learning is a popular solution for classification tasks due to its relatively simple
architecture and low computation overhead. Many studies that are applying machine learning
techniques on the CICIDS2017 dataset for attack classification have been proposed [13]–
[15]. Many of which have reached decent accuracy at one-class classifications for a certain
attack class, such as DDoS, in the dataset. However, to reach a usable multi-class
classification accuracy in detecting modern network intrusions, many data preprocessing
methods have been proposed to improve the model's performance. In [13], Yonghao Gu et
al. proposed a semi-supervised K-means model to detect the DDoS attacks in CICIDS2017.
Besides, they implemented a hybrid feature selection algorithm to exclude the unreasonable
features from being the input of the model to prevent “the curse of dimensionality”. Their
feature selection algorithm takes the available features as input. The features are processed by
a series of procedures including the data normalization, feature ranking, and feature subset
searching, and selected features are output by the algorithm. Finally, with their proposed
feature selection method, they reached a detection rate of 96.50% and a false positive rate of
30.5%.

In recent years, deep learning models such as neural networks have become more effective
solutions for classification tasks because of their ability to generalize more complex patterns
of features of tasks. In [16], the authors provided a study of anomaly analysis for intrusion
detection with K-Nearest Neighbors (KNN) and Deep Neural Network (DNN) to compare the
classification performance of a machine learning model to a deep learning model. They used
CICIDS2017 as the database for the simulations of the model's performance in the study.
They concluded that DNN performed significantly better than KNN. In specific, their DNN
yields an accuracy of 96.427%, which is much higher than 90.913% accuracy by the KNN. In
addition, they also compared the computation time overhead of the two models. The 110 (s)
CPU time of DNN is shorter than the 130 (s) CPU time of KNN, therefore, indicated that
DNN has a lower time overhead than KNN.

In [7], another study of using deep learning models for cybersecurity in the Internet of Things
(IoT) networks is proposed by Monika Roopak, Gui Yun Tian and Jonathon Chambers. The
authors used the DDoS attack samples in CICIDS2017 to evaluate the performance of MLP,
Long Short-Term Memory (LSTM), CNN, and a hybrid model of LSTM and CNN. They
reached a 98.44% precision by the LSTM model, followed by a 98.14% precision by the
CNN model and a 97.41% precision by the hybrid model. Lastly, the MLP model reached an
88.47% accuracy in their simulation. The authors also compared their results to some
machine learning models. After the simulation, they concluded that all the tested deep
learning models except MLP outperform the machine learning models such as SVM, Bayes
and Random forest.

In [8], Sungwoog Yeom and Kyungbeak Kim tested the performance of Naïve bayes, SVM
and CNN based classifier on the CICIDS2017 dataset. In the study, it was focus more on the
model's binary classification performance on each attack class in the dataset. The raw
CICIDS2017 dataset, which included separate sub-datasets of the network traffic in a day,
was used to train the models. The authors trained and evaluated a CNN based classifier based
on each sub-dataset, which mostly included only 1∼3 attack classes. And the accuracy,
precision, recall and F-measure of the models were record. After the evaluation, the authors
concluded that CNN and SVM generally had high detection rates. In addition, CNN was
better than SVM in term of the processing time. However, they also observed that CNN had
mediocre performance with datasets with many labels. In other words, it was challenging for
the CNN models if there were many labels need to be classified.

In [9], a CNN based IDS was proposed by Jiyeon Kim et al. In this paper, the authors
employed deep learning techniques and developed a CNN model for the CICIDS2018
dataset, which was a dataset sharing the same feature set with CICIDS2017 but with larger
sample counts. The training and test of the models in the study were performed on sub-
datasets which included a subset of types of network traffic from CICIDS2018. Therefore,
the models were simulated for multi-class classification for certain classes in the dataset, not
all of them at once. In this study, the experimental results showed that the performance of the
CNN based IDS could be higher than that of the recurrent neural network (RNN), which is
another deep learning model that is popular in the cases of time series data being used as
input. The CNN model proposed in this study reached a 96.77% accuracy in the sub-dataset
which was composed by the benign and DoS samples from CICIDS2018. On the other hand,
the RNN model tested in this study reached a 82.84% accuracy in the same dataset, which
was significantly lower than of the CNN model.

In [17], Ahmed Ahmim et al. proposed a novel hierarchical IDS that is based on Decision
Tree and Rules-based models. They also used CICIDS2017 as the dataset to evaluate the
performance of their model. Their proposed model combines Reduced Error Pruning Tree
(REP Tree) and JRip algorithm at its first stage. The input features of the dataset are used as
input at this stage to classify traffic as attacks or benign. Then a Forest PA classifier takes the
output of the two classifiers at the first stage, in combination with the input features of the
initial dataset as input to generate the final classification result. Their model reached decent
performance on almost every traffic class in CICIDS2017. They also provided a performance
comparison of their proposed model with 11 well-known classifiers to validate its
classification power. Within the 12 classifiers models, their model had the best classification
performance at seven attack classes and the lowest false alarm rate for benign traffic. This
model is competitive for its great overall classification performance on CICIDS2017.
Therefore, in the result section of this paper, the proposed IDS model has been compared
against their novel hierarchical IDS to assess the proposed model's performance.

CHAPTER-3

MODEL DESIGN

This section specifies many design elements of the proposed IDS model. At first, the
cybersecurity database CICIDS2017 that is used to train the proposed model is introduced
and analyzed. The data preprocessing methods and the design of the training dataset are also
presented. Then, the architecture and mathematical model of the CNN are introduced and
discussed. Finally, the architecture, operating flow of the proposed model and input data
collecting methods are presented in details.

A. CICIDS2017 Security Dataset

The training, validating, and testing of the proposed model are all accomplished with the data
from CICIDS2017 database. CICIDS2017 database was proposed in 2018 by Iman
Sharafaldin et al. [18]. The database was developed to combat the sophisticated and ever-
growing network attacks in the modern era. The creators of the database had the ambition to
replace outdating security databases such as DARPA98, KDD99, ISC2012, and ADFA13.
These databases were vastly used for the evaluation of intrusion detection and prevention
models in many papers in the past decades, but were in fact obsolete and unreliable to
use [19]. Therefore, for the proposed model, which aims at detecting modern cyberattacks,
CICIDS2017 is a top-notch option for the training database.

The CICIDS2017 database emulates the network traffic of a real environment for one week.
The network traffic contains normal network packets and a diverse set of attack scenarios that
are injected by the attack profiles created by developers. In total, the database contains
2830,743 samples, and the composition of the traffic classes is presented in Table 1.
TABLE 1: CIDIDS2017 With Sample Size and Class Composition

Each sample in the database contains 78 features that are extracted from the traffic of two
nodes in the network, and a label to indicate the class of the traffic. A few examples of the
extracted features are the destination port, flow duration, total forward packets, and total
backward packets. Among the 78 features, the proposed model takes all of them as input
except for the destination port. The destination port of the network traffic may be a useful
audit trail for the network admin to track down the place where a cyberattack is initiated or
target towards. However, it is a method of encoding the network ports into identification
numbers. The destination port is not a quantitative measure of network traffic that our neural
network-based IDS is expected for input. Accordingly, the inclusion of it, as an input feature,
can cause unexpected issues at the training process of the proposed neural network model.
The rest of the 77 features are all quantitative measure, thus, they are all valid inputs for the
proposed model.

B. Design of the Training and Test Dataset

Albeit CICIDS2017 is an advanced modern security database with merits, it does have certain
shortcomings that need to be considered and addressed to unlock its full potential. There are
three main issues of the database: scattered presence, missing values and class imbalance.
The network traffic is logged into eight separate files corresponding to the time window and
class of the traffic sample. The scattered presence is not ideal for the training of the proposed
model since the model aims to classify all the cyberattacks in the database instead of
particular types of attack. Further, according to [19], CICIDS2017 has a total of 288,602
samples with an absent class label, and 203 instances of missing information. The samples
with an absent class label need to be removed, and the missing information needs to be
restored.

Table 1 shows the class composition of the original data in CICIDS2017. Among all the
samples, the benign samples have a proportion of 80.301%, which is the highest in the
database. On the opposite, the Heartbleed samples have a proportion of only 0.001%. This
high imbalance of in-class sample size typically leads to biased classification results. It needs
to be avoided in the proposed model to prevent a drop at overall performance.

The three issues in the database raise the difficulty for the neural network model to reach
decent performance. However, they are not necessarily defects for a database, which is aimed
at simulating sophisticated network traffic. In fact, the three issues, mentioned above, do have
a high chance to appear in the data that is collected from a real-world environment.
Therefore, by solving these shortcomings in CICIDS2017, the proposed model is also
prepared to be implemented in real environments.

The first issue of missing values is solved in the data preprocessing phase by a data imputer.
In this case, the missing values are all replaced by 0 to prevent value errors. In addition, the
rest of the two issues, namely, class imbalance and scattered presence, are solved by building
a custom database that concatenates all the separate files of CICIDS2017 with balanced class
composition. This custom database is called α-Dataset.

Table 2 presents a few design decisions of the α-Dataset, such as the size of samples for each
class, splitting strategy of training and test set, and the class composition of the training set.
Balancing the samples for a high imbalance database is a problem with trade-offs. Most
neural network models work better with databases with balanced samples in each class.
However, neural network models also require a big dataset for better generalization of the
task assigned to it. Therefore, it is not feasible to simply trim down the number of samples in
the classes with a higher proportion to match with the minority classes. For the best of both
worlds, the database is divided into two categories. Namely, the normal attack samples, and
minority attack samples that are marked grey in Table 2.

TABLE 2: α-Dataset With Sample Size, Training/Test Distribution and Class Composition
in Training Dataset
The normal attack samples include the benign samples from the Monday file, DDoS, DoS,
and Port Scan. Each of the four classes is split into training and test samples with a distinct
ratio. These ratios are tuned to generate a training set with a balanced size of samples across
the four classes. Table 2 shows that each of the four classes has roughly 102,000 samples to
form a balanced training set. On the other hand, the minority samples contain the rest of the
attack samples in the database. Given their small size of samples, 80% of the samples, in each
class, become training samples, and the whole class is also used as test samples to provide
sufficient data for the training and testing process.
C. Convolutional Neural Network

CNN is a popular neural network that is typically used in image processing tasks. In recent
years, due to its popularity, CNN is also extensively used in natural language processing,
video analyzing, and even some models with sequential inputs. The unique convolution and
pooling process of CNN allow the model to learn complicated patterns of features form a
high-dimensional data space while maintaining reasonable storage and computation time
overhead. This advantage is significant when a CNN model is trained with a network traffic
dataset, given that these datasets typically have a large feature set. For example, there are 78
features recorded for each traffic sample in the CICIDS2017 dataset, which can lead to high
computational complexity for other deep learning models such as DNN [20]. Also, for any
network IDS, it is exceptionally crucial to have the ability to capture the complicated features
of network traffic within a short amount of time. Therefore, it is believed that CNN is the
priority neural network model for developing the prototype of the proposed
model. Fig. 1 shows the architecture of a CNN model with the input size of 8x8 matrix. The
whole model could be separated into three main sections: convolution layer, pooling layer,
and fully connected layer. In terms of functionality, the convolution layer and pooling layer
together handle the feature extraction of the training samples, and the fully connected layer
processes the final classification. At the convolution layer, CNN model convolves the input
sample with some specific matrices called “feature detector” or “kernel map”. The result of
the convolution is called “feature map”. Feature detectors are matrices used to extract, from
the input sample, specific features, such as patterns, shape and lines. Their value is initially
randomized and gradually updated by the optimizer during the training process. After the
input sample is convolved with the feature detectors, the feature maps are generated. For
CNN model with K feature detectors, this process could be mathematically denoted as:

featuremap{i}=input⊗featuredetector{i};i∈K.(1)
Fig 3.1: Architecture of a basic convolutional neural network.

Then, the feature map calculated by (1) is mapped to a non-linear activation function to break
the linearity of the model. In Fig. 1, the whole process of generating the feature maps and
mapping them to the activation function is represented by the green connections at the
convolution layer.

The second section of the model is the pooling layer. At this layer, the feature maps will be
pooled to bring down their dimension. The purpose of this process is to eliminate noise and
model's dependent on the spatial location of the learned patterns.

In short, pooling mitigates the effects when a specific pattern that the model is trained to
recognize appears at different locations or angles at the input sample. Furthermore, to
eliminate noise, pooling brings down the dimension of the feature maps, while preserving the
valid information carried by them. This also eases the calculation of any further processing to
the feature maps.

After the feature maps are calculated and pooled, they will undergo a “flattening” process
before being passed to the fully connected layer. The flattening process converts the feature
maps from 2-D matrices to 1-D arrays in row-major order, which is the format expected by
the fully connected layer. The fully connected layer is composed of input neurons, optional
hidden neurons and output neurons. Each neuron is connected to every neuron at the adjacent
layers with distinct weights and biases as the parameter. The output neurons, which are also
the final output of the CNN model, determine to which class each input sample belongs.

In the case of cybersecurity, the model can use the output neurons to represent the benign
class and every class of attack that the model is trained to classify. When a network traffic
sample is processed by the model, it will be classified as the class that is represented by the
output neuron that holds the highest value at the output layer.

One of the characteristics that distinguish CNN from other neural networks is weight sharing.
CNN has shared weights, which means the model uses the same weight vectors to do the
convolution. In other words, the feature detectors, which contain the weight vectors, are
replicated at every convolution process at the convolution layer. There are some advantages
to the implementation of shared weights. First, it makes the model have substantially fewer
parameters to be optimized. This means the optimizer can potentially converge the model to
optimal loss with less time overhead. Secondly, it slightly lowers the degrees of freedom of
the model. This could help the model to avoid overfitting, which happens when the model
makes too much of an effort to fit itself to a limited set of samples.

The constraint on weights also enables the model to achieve better generalization on the tasks
assigned to it. Briefly, CNN has merits that are suitable for the development of IDS for
cybersecurity in the modern era. CNN requires less time overhead at the testing process.
Besides, with its convolution mechanism, CNN could potentially learn the much more
complex characteristics of some modern cyberattacks, which other neural network models
struggle to capture. Lastly, CNN can achieve better generalization on the classification of
cyberattack samples. This enables the IDS to potentially detect innovative attacks that share
similar traits with the known attacks.

However, from [7]–[9], it is observed that CNN, albeit with its merits at generalize complex
patterns of features in the dataset, has some potential issues at multi-class classifications. The
CNN models proposed in these studies are tested on classification tasks of either one-class or
a subset of classes in the dataset. This is not a surprise since neural networks depend a lot on
training data to reach the full potential and prevent issues such as biased classification results
or over-fitting [4]. Therefore, to access the advantage of the neural network models, it is
important to train the model with a dataset that is not only rich in its sample counts and
feature set but also has a balance class composition.

In this study, a novel data-preprocessing method is proposed in the Model Design section to
generate a relatively balance sub-dataset, which still includes all the available attack classes
from the CICIDS2017 dataset, for the training and test of the proposed IDS model. And the
proposed IDS is trained to perform multi-class classifications on every types of attacks that
are known in the CICIDS2017 dataset.

D. Development of the Proposed IDS Model

The proposed IDS model, in this paper, is developed on Python 3. PyTorch is used as the
framework to build the neural network layers of the proposed model [21].

CNN has many layers to be implemented and some parameters to be selected before training
one. Empirically, the number of convolution and fully connected layers for a CNN for
network intrusion detection tasks could be selected from the range of 1∼3 layers
each [8], [9], [22]. In general, the more complex the task assigned to a neural network, the
more layers are added. For example, the ResNet-50, which is a large CNN that classify
images into 1000 object classes, has 50 layers in total. However, a large network size does
not always guarantee the performance of a CNN [22]. The input of the model is batches of
matrices. Each matrix has a size of 9 × 9, which is composed of 77 extracted features from
the network traffic samples and four zero pads for format concern. The model contains two
convolution layers and two fully connected layers. The decision of hyperparameters, such as
the number of layers, the kernel size for convolution, and the number of neurons in a fully
connected layer, are all determined by exhaustive grid search. In this method, all the
hyperparameters are selected from a subset of values that are manually specified, and the
model will be evaluated iteratively to search for the best combination in the parameter values.
The architecture of the proposed model is presented in Fig. 2. At the first convolution layer,
the kernel of the convolution is designed to have a size of 3 × 3, and the stride and padding of
the convolution to be one. In addition, the number of output feature maps is selected to be 16,
and the activation function to be a rectified linear unit (ReLU) function at this layer.
Accordingly, for each matrix in a training batch, the model generates 16 feature maps at the
first convolution layer. Each feature map has a size of 9x9 and is mapped to a ReLU function.
Then, the feature maps are pooled at the first pooling layer by the Max Pooling algorithm
with a kernel size of 2x2, stride of 2, and padding of 1. This generates 16 pooled feature
maps, each has a size of 5x5. Afterward, the pooled feature maps are passed to the second
convolution layer and pooling layer, which both have the same kernel size, stride, and
padding configuration as the first two layers.

Fig 3.2: Architecture of the proposed IDS model.

The second convolution layer is designed to output 32 feature maps, and they are also
individually mapped to a ReLU activation function. Eventually, after the two convolution
layers and two pooling layers, the proposed model generates 32 pooled 3 × 3 feature maps for
each input matrix. At the flattening layer, all the elements of the pooled feature maps are
converted into a 1-D array in row-major order, which is the format expected by the fully
connected layer. This generates an array of 288 elements for each input matrix. Then the
array becomes an input sample of the fully connected layer, which has 288 input neurons, a
hidden layer and nine output neurons.
Consequently, the proposed model is trained to classify network traffic into nine different
classes represented by the nine output neurons, namely, Benign, Brute Force, Bot, DDoS,
DoS, Heartbleed, Infiltration, Port Scan, and Web Attack. The number of classes is designed
this way for the model to reach a better generalization for the cyberattacks.

For a certain dataset with a limited number of samples, when the number of classes increases,
the number of samples for each class decreases inevitably. It raises the difficulty of the model
to generalize the characteristics of each class. Therefore, the proposed model has a custom
dataset function to merge some of the samples, based on their type of attack, into a bigger
class.

For instance, from CICIDS2017 database, samples with the four labels of DoS attacks,
namely, DoS GoldenEye, DoS Hulk, DoS Slowhttptest, and DoS slowloris are merged into a
single DoS class. The same merging strategy is also implemented at various labels of Brute
Force and Web Attack samples in the database to form bigger classes of the two types of
attacks.

Eventually, the samples from CICIDS2017 are assorted into nine distinct classes with some
greater sizes of in-class samples to facilitate the model's generalization of cyberattacks.
Hence the selection of nine output neurons at the final output layer of the model. Meanwhile,
the original label is still attached to each sample for label-wise performance evaluation of the
proposed model.
 CHAPTER-4

SIMULATION RESULTS

This section presents in detail the performance of the proposed IDS model based on the
simulation results with some benchmarks. The benchmarks include the Detection Rate (DR),
True Negative Rate (TNR), and overall accuracy, which are all explicitly defined and
calculated. In addition, a comparative study of the proposed model with nine other well-
known classifiers is provided. Finally, the proposed model's performance on innovative
attacks is also validated. All the simulations in this section are done on a workstation of the
Networked Embedded Systems (NES) Laboratory at California State University, Long
Beach. This workstation runs a 64-bit Windows 10 OS and is equipped with an Intel Xeon
W-2125 processor and 64 GB of RAM.

A. Performance Benchmarks

To evaluate the classification performance of the proposed model on cyberattacks, it has been
simulated with several benchmarks that are derived from the confusion matrix generated by
the model. Confusion matrix, as shown in Table 3, is a matrix showing all the possible
scenarios of classification results. In terms of cybersecurity, the positive class is defined to be
the attack samples, and the negative class contains the benign samples. There are four
scenarios in a confusion matrix, namely, True Negative (TN), True Positive (TP), False
Negative (FN) and False Positive (FP). Among the four scenarios, TN and TP contribute to
the overall accuracy of the classification outcomes. They represent the instances when a
model successfully predicts a sample to be its true case. On the other hand, instances of FN
and FP deteriorate the performance of a classification model. They occur when a model
predicts a sample incorrectly. In a sense of cybersecurity, FP occurs when a benign sample is
classified as an attack, which is also known as a false alarm.
TABLE 3: Confusion Matrix

Confusion matrix is a great tool to record the simulation results of a classification model.
However, it is not necessarily easy to read nor handy enough to quickly evaluate the
performance of IDS models. Thus, for comparative studies, some performance benchmarks
are derived from the confusion matrix, which are universally used. The first benchmark is
DR, which could be understood as the ratio of the samples in an attack class, which are
correctly classified as attacks by an IDS model. Mathematically, DR could be derived from
the confusion matrix and denoted as:

DRclass=TPclassTPclass+FNclass.(2)

In general, when an IDS model has a high DR at an attack class, it implies the model
performs great at recognizing this type of attack and not confusing them with the benign
samples.

TNR is a benchmark of an IDS model's classification power on the benign samples. When an
IDS model yields a high TNR, it suggests that the model performs well on isolating the
benign samples from the attack samples. TNR is also derived from the confusion matrix.
Mathematically, it could be denoted as:

TNR=TNBENIGNTNBENIGN+FPBENIGN.(3)

Another performance benchmark, which is closely related to the TNR, is the False Alarm
Rate (FAR). As its name implies, FAR gives the probability of a false alarm, which occurs
when a benign sample is falsely classified as an attack, initiated by the IDS model. It is very
important to evaluate a classifier's performance at FAR, especially in the cases of anomaly
detections. A classifier for network intrusion detections is not trustworthy when it has a high
DR for attacks but also a high FAR. In such case, the classifier will perform poorly with data
from the real world. Given that the benign traffic is the majority in an ordinary network
environment, a high FAR means the IDS can falsely warn the network admin on benign
traffic very frequently, making the IDS not usable. In other words, for an IDS model, the
higher the FAR, the lower the TNR. FAR could be denoted as:

FAR=FPBENIGNTNBENIGN+FPBENIGN=1−TNR.(4)

Finally, the proposed IDS model's overall accuracy is also provided. The overall accuracy
reflects a classifier's ability of classifying each sample into its true class. In the case of
network intrusion detections, it is a comprehensive performance metric of an IDS's
classification power at both benign and attack samples. It is defined to be the ratio of the total
correct predictions made by the classifier to the total number of the input samples. The
overall accuracy is calculated as follows:

Accuracy=TNoverall+TPoverallTNoverall+TPoverall+FNoverall+FPoverall.(5)

B. Performance on the α-Dataset

The proposed IDS model is trained on the training set from the α-Dataset. The Adam
optimizer [23] is used in the training process. The learning rate is set to 0.0002 for the first 50
epochs and decreased to its 1/10 for refine tuning. Some performance benchmarks of the
trained model are shown in Table 4. In Table 4, DR and TNR of the proposed model on the
training set and test set are presented. The proposed model reaches over 90% in DR at 12
attack classes out of the total 14 classes. In addition, at 10 attack classes, the proposed model
successfully yields over 99% at DR. Also, TNR of the benign class reaches 98.984%. The
proposed IDS model performs relatively poorly at the Botnet and Sql Injection class when
compared to the other attack classes. This is due to the small size of in-class samples of the
two classes. Botnet and Sql Injection only make proportions of 0.07% and 0.001%,
respectively, in the original CICIDS2017 database. Accordingly, the proposed IDS model
struggles to capture the characteristics of these two types of network traffic due to their
insufficient samples. This also happened at some other IDS models using CICIDS2017 as the
training database, as shown in Table 5.
TABLE 4: Performance of the Proposed Model on α -Dataset
TABLE 5: Class-Wise Performance of the Proposed IDS Model and Other Classifiers

C. Performance Comparison

The proposed IDS model is also evaluated by comparing to some well-known classifiers.
In Table 5, the class-wise DR and TNR of the following nine models: Hierarchical [17],
WISARD [24], Forest PA [25], J48, LIBSVM [26], FURIA [27], Random Forest, MLP, and
Naive Bayes are presented. In addition, the figures in Table 5 that are bolded represent the
best performer in a class. For example, the 98.984% TNR yielded by the proposed IDS is
bolded to indicate it has the highest TNR performance among the competitors.

Among the selected models, the proposed IDS model has the highest DR at 10 attack classes
out of the total 14 classes. These 10 classes are the Bot, DDoS, DoS GoldenEye, DoS Hulk,
DoS Slowhttptest, DoS slowloris, Heartbleed, Port Scan, Web Attack-Brute Force, and Web
Attack-XSS. For the rest of the four attack classes, in terms of DR, the proposed model is
ranked the second at FTP-Patator, the seventh at SSH-Patator, the third at Infiltration, and the
fourth at Web Attack-Sql Injection. In addition, the proposed model has the highest TNR for
benign samples compared to the nine selected models.

This also means that this model has the lowest FAR, which can be calculated by (19).
Accordingly, out of the total 15 traffic classes in CICIDS2017, the proposed model has the
best classification performance at 11 classes when compared to the rest of the nine classifier
models. Finally, in Figs. 3 and 4, the overall attack DR, FAR and accuracy of the ten selected
classifiers are presented to provide a visually intuitive performance comparison. From the
figures, it is easily observable that the proposed model has the highest overall DR and
accuracy and the lowest FAR within the ten models.

Fig 4.1: Overall detection rate and accuracy of the ten selected classifiers.

Fig 4.2: False alarm rate of the ten selected classifiers.

In addition, it has a minimal performance gap between the overall DR and accuracy. Noted
that the overall DR is calculated by the ratio of the attack samples that are not classified as
benign by the model. And the overall accuracy is calculated based on the ratio of the samples
that are correctly classified into its true case. Therefore, the small gap between overall DR
and accuracy indicates that the proposed model is not only highly capable of detecting
cyberattacks, but also precisely classifies the attacks into their true class.

In addition, the proposed IDS is compared with two other CNN based IDS that are recently
published. The compared models have been introduced in the literature review
chapter [8], [9]. Both studies perform intrusion detections at the CICIDS dataset with a
similar CNN architecture yet different data pre-processing methods. In [8], the raw
CICIDS2017 dataset, which included separate sub-datasets of the network traffic in a day,
was used to train the models. The authors trained and evaluated a CNN based IDS based on
each of the sub-dataset, which mostly included only 1∼3 attack classes. In [9], the authors
manually separated the CICIDS2018 dataset into ten sub-datasets, and each sub-dataset
included up to three attack classes. Therefore, the CNN based IDS in [8], [9] both performed
one-class or a subset of class classification, and the model's accuracy, DR, and TNR were
provided. In Table 6, the DR and TNR of the proposed IDS and the compared CNN based
IDS are provided. The proposed IDS is superior to the other models in many aspects. First, in
the comparison, the proposed IDS is the only model performing true multi-class classification
on all the 15 classes that are available in the CICIDS dataset. The other two CNN based IDS,
while performing well on binary classification on one attack class, have poor performance if
there are many attack classes need to be classified. Second, in term of class-wise
classification performance, the proposed IDS also has the highest TNR, and a higher or
comparable DR at each attack class. In summary, the proposed IDS, thanks to the innovative
dataset pre-processing method, not only can classify more classes at once with one CNN
classifier but also yields a competitive benchmark at each class-wise classification category
compared with other previously proposed CNN based IDS.
TABLE 6: Class-Wise Performance of Other CNN Models on CICIDS2017

D. Performance on Innovative Attacks

To test how the proposed model performs on innovative attacks, the data from CICIDS2017
is used to design some custom training and testing datasets for simulation. More specifically,
the DoS attacks is selected to be the test subject due to its diversity.

CICIDS2017 has four DoS varieties, namely, the DoS GoldenEye, DoS Hulk, DoS
Slowhttptest and DoS slowloris. During the simulation, four IDS models are generated, each
has the same architecture of the proposed model, with four combinations of training and test
dataset. Each time a model is trained, only one type of the DoS samples are included in the
training dataset to represent the known attacks. Meanwhile, the rest of the three DoS varieties
are only used in the test dataset to represent the innovative attacks. In this scenario, since the
model never encounters the innovative DoS samples in the test dataset, some traditional
signature-based IDS models may fail easily due to the lack of signature information in the
database. On the other hand, the proposed model has the potential to recognize these
innovative DoS samples.

The proposed IDS model, which is a neural network-based model, captures the generalized
characteristics of each type of cyberattacks. Therefore, if some innovative DoS samples share
similar traits with the DoS samples in the training dataset, they might be successfully
classified as the DoS class by the model.

The four models are trained separately and their DR on the innovative DoS attacks in the test
dataset is recorded. The simulation results of all the four models are presented in Table 7.
From Table 7, one can easily observe that when only the DoS GoldenEye samples are used in
the model's training process, the model has the potential to also detect DoS Hulk at a decent
87.29% DR.

TABLE 7: Performance of the Proposed IDS Model At Innovative DoS Attacks

Besides, when the model is only trained on the DoS slowloris samples, it has the potential to
also detect DoS Slowhttptest at an 85.73% DR. These simulation results confirm that the
proposed model is superior to the traditional IDS at detecting innovative attacks.
 CHAPTER-5

IOT INTRUSION DETECTION SYSTEMS TECHNIQUES

IoT Interruption is characterized as an unapproved activity or movement that hurts the IoT
biological system. For instance, an assault that will make the PC administrations inaccessible
to its real clients is viewed as an interruption. An IDS is characterized as a product or
equipment framework that keeps up with the security of the framework by recognizing
vindictive exercises on the PC frameworks. The primary point of IDS is to distinguish
unapproved PC utilization and vindictive organization traffic which is preposterous while
utilizing a customary firewall. This outcomes in making the PC frameworks exceptionally
defensive against the noxious activities that compromise the accessibility, respectability, or
secrecy of PC frameworks. A. Signature-based intrusion detection systems (SIDS) Signature
interruption location frameworks (SIDS) use design matching procedures to track down a
referred to assault; these are otherwise called Information based Recognition. In SIDS,
matching techniques are utilized to track down a past interruption. As such, when an
interruption signature matches the mark of a past interruption that as of now exists in the
mark data set, an alert sign is set off. For SIDS, the host's logs are reviewed to observe
arrangements of orders or activities which have recently been distinguished as malware.
SIDS has likewise been named in the writing as Information Based Discovery or Abuse
Recognition. Customary strategies for SIDS experience issues in distinguishing assaults that
length different parcels as they inspect network bundles and perform matching against an
information base of marks. With the expanded refinement of current malware, separating
mark data from different bundles might be required. With this, IDS needs to bring the
substance of prior parcels also. For making a mark for SIDS, by and large, there have been a
few strategies where marks are made as state machines, formal language string designs or
semantic circumstances. B. Anomaly-based intrusion detection system (AIDS) © 2022
IJRAR September 2022, Volume 9, Issue 3 www.ijrar.org (E-ISSN 2348-1269, P- ISSN
2349-5138) IJRAR22C2601 International Journal of Research and Analytical Reviews
(IJRAR) www.ijrar.org 932 Helps has drawn in a great deal of researchers due to its element
to beat the constraint of SIDS. In Helps, a typical model of the conduct of a PC framework is
made utilizing AI, measurable based or information based techniques. Any huge deviation
between the noticed conduct and the model is viewed as an irregularity, which can be
deciphered as an interruption. This sort of strategy chips away at the way that pernicious
conduct is not quite the same as commonplace client conduct. The conduct of unusual clients
that separates from the standard conduct is characterized as an interruption. There are two
stages in the advancement of Helps: the preparation stage and the testing stage. In the
preparation stage, the typical traffic profile is utilized to gain proficiency with a model of
ordinary conduct. In the testing stage, another informational index is utilized to foster the
framework's ability to sum up to beforehand inconspicuous interruptions. Helps can be sub-
arranged in light of the strategy utilized for preparing, for example, factual based, information
based and AI based. The primary benefit of Helps is the capacity to distinguish zero-day
assaults on the grounds that perceiving the strange client movement doesn't depend on a mark
information base. Helps sets off a risk signal when the inspected conduct goes amiss from
ordinary conduct. Moreover, Helps has various advantages. To begin with, they can find
inside malignant exercises. Assuming an interloper begins making exchanges in a taken
record that are unidentified in the average client movement, it makes a caution. Second, it is
trying for a cybercriminal to perceive what a typical client conduct is without delivering a
ready as the framework is developed from redid profiles. C. Machine Learning based
Technique AI is the most common way of separating information from huge amounts of
information. AI models include a bunch of rules, techniques, or complex "move works" that
can be applied to observe intriguing information designs or to perceive or anticipate conduct.
AI procedures have been applied broadly in the space of Helps. To extricate the information
from interruption datasets, various calculations and strategies, for example, grouping, brain
organizations, affiliation rules, choice trees, hereditary calculations, and closest neighbor
techniques are used. Some earlier examination has analyzed the utilization of various
strategies to assemble AIDSs. Analyzed the presentation of two element determination
calculations including Bayesian organizations (BN) and Characterization Relapse Trees
(CRC) and consolidated these strategies for higher exactness. Procedures of component
determination utilizing a mix of element choice calculations like Data Gain (IG) and
Connection Characteristic assessment. They tried the presentation of the chose highlights by
applying different order calculations like C4.5, guileless Bayes, NB-Tree and Multi-facet
Perceptron. A hereditary fluffy rule mining strategy has been utilized to assess the
significance of IDS highlights. NIDS by utilizing the Arbitrary Tree model to further develop
exactness and diminish the misleading problem rate. The primary point of utilizing AI
strategies is to make IDS that requires less human information and further develop exactness.
The amount of Helps which utilizes AI procedures has been expanding over the most recent
couple of years. The fundamental target of IDS in light of AI research is to distinguish
examples and fabricate an interruption discovery framework in view of the dataset. For the
most part, there are two classes of AI strategies, regulated and unaided. Internet of Things
(IoT) are interconnected systems of devices that facilitate seamless information exchange
between physical devices. These devices could be medical and healthcare devices, driverless
vehicles, industrial robots, smart TVs, wearables and smart city infrastructures; and they can
be remotely monitored and regulated. IoT devices are expected to become more prevalent
than mobile devices and will have access to the most sensitive information, such as personal
information. This will result in increasing attack surface area and probabilities of attacks will
increase. As security will be a vital supporting element of most IoT applications, IoT
intrusion detection systems need also be developed to secure communications enabled by
such IoT technologies (Granjal et al., 2015).
In the last few years, advancement in Artificial Intelligent (AI) such as machine learning and
deep learning techniques has been used to improve IoT IDS (Intrusion Detection System).
The current requirement is to do an up-to-date, thorough taxonomy and critical review of this
recent work. Numerous related studies applied different machine learning and deep learning
techniques through various datasets to validate the development of IoT IDS. But, it’s still not
clear that which dataset, machine learning or deep learning techniques are more effective for
building an efficient IoT IDS. Secondly, the time consumed in building and testing IoT IDS
is not considered in the evaluation of some IDSs techniques, despite being a critical factor for
the effectiveness of ‘on-line’ IDSs (Khraisat et al., 2019a).
This paper provides an up to date taxonomy, together with a critical review of the significant
research works on IoT IDSs up to the present time; and a classification of the proposed
systems according to the taxonomy. It provides a structured and comprehensive overview of
the existing IoT IDSs so that a researcher can become quickly familiar with the key aspects of
IoT IDS. This paper also provides a critical review of machine learning and deep learning
techniques applied to build IoT IDS. The detection techniques, validation strategies,
deployment strategies are reviewed, along with several techniques used in each method. The
complexity of different detection techniques, intrusion deployment strategy, and their
evaluation techniques are discussed, followed by a set of suggestions identifying the best
techniques, depending on the nature of the IoT IDS. Challenges for the current IoT IDSs are
also discussed. Compared to previous survey publications (Khraisat et al., 2019a; Benkhelifa
et al., 2018; Chaabouni et al., 2019; Zarpelao et al., 2017; Hindy et al., 2018) this paper
presents a discussion on IoT techniques, IoT deployment strategy and IDS dataset problems
which are of main concern to the research community in the area of IoT intrusion detection
systems (IDS). Prior studies such as (Yang et al., 2017; Yar & Steinmetz, 2019) have not
completely reviewed IoT IDSs in terms of the datasets, challenges and techniques. In this
paper, we provide a structured and contemporary, wide-ranging study on IDS in terms of
techniques, IoT attacks and datasets; and also highlight challenges of the IoT techniques and
then make recommendations.
During the last few years, several surveys on IoT IDS have been published. Table 1 shows
the IDS techniques and datasets covered by this survey and previous survey papers. The
comparison that in this table discusses the contributions of each survey related to the develop
intrusion detection system for IoT. The survey on intrusion detection systems and taxonomy
by Axelsson (Axelsson, 2000) classified intrusion detection systems based on the detection
methods. The highly cited survey by Debar et al. (Debar et al., 2000) surveyed detection
methods based on the behaviour and knowledge profiles of the attacks. A taxonomy of IoT
intrusion systems by Liao et al. (Liao et al., 2013a), has presented a classification of five
subclasses with an in-depth perspective on their characteristics: Statistics-based, Pattern-
based, Rule-based, State-based and Heuristic-based.
The highly cited survey by Alvarenga et al. (Zarpelao et al., 2017) reviews the IoT security
issues in general. Attacks against IoT devices are not discussed in their studies, such as
Denial of Service (DoS) Attack and attack on RPL (Routing Protocol for Low-Power and
Lossy Networks). Critical Infrastructure such as power systems, transport, the internet, air
traffic control, railways and power plants could all be disrupted by an IoT attacker. The
authors reviewed intrusion detection in IoT, and they presented a great taxonomy to classify
the IoT IDSs based on detection method, IDS placement strategy, and security threat and
validation strategy. It was also indicated by Alvarenga et al. (Zarpelao et al., 2017) in 2017
that intrusion detection for IoT is still in an initial stage and that the existing IDSs do not
enough for a wide variety of IoT attacks. This paper explored and discussed if the recent IoT
IDSs are enough to deal with different IoT attacks.
Existing review articles (e.g., such as (Chaabouni et al., 2019; da Costa et al., 2019; Buczak
& Guven, 2016; Lunt, 1988; Agrawal & Agrawal, 2015)) focus on intrusion detection
techniques or dataset issue or type of computer attack and IDS evasion. No articles
comprehensively reviewed IoT IDS, dataset problems, deployment strategies, IoT Intrusion
techniques, and different kinds of attack altogether. In addition, the development of IoT IDS
has been such that several different systems have been proposed in the meantime, and so
there is a need for an up-to-date. The updated survey of the taxonomy of IoT IDS discipline is
presented in this paper further enhances taxonomies given in (Khraisat et al., 2019a;
Benkhelifa et al., 2018; Chaabouni et al., 2019; Liao et al., 2013a).
Given the discussion on prior surveys, this article focuses on the following:
 Classifying various kinds of IoT IDS based on intrusion techniques, deployment
strategy, and validation strategy.
 Presenting a recent works effort to improve IoT security IDS.
 Taxonomy of IoT attacks.
 Discussion of available IDS datasets.
 The challenges of IoT IDS.
Intrusion detection in the internet of things

In this section, a review of the existing IDS research for IoT is presented. Each research was
categorized by considering the following characteristics: IDS placement strategy, detection
method, and validation strategy. Figure 1 shows the classification of IDS for IoT networks,
while Table 1 provides some recent related research.

Fig: 5.1 Classification of IDSs for IoT

Figure 1 shows the IDS techniques, deployment strategy, validation strategy, attacks on IoT
and datasets covered by this paper and previous research papers. The variety in the IoT IDS
surveys indicates that a study of IDS for IoT must be reviewed. Specifically, none of these
surveys cover all detection methods of IoT, which is considered crucial because of the
heterogeneous nature of the IoT ecosystem. For that reason, this survey review IDS for IoT
from a broad technological scale.

IoT intrusion detection systems methods

IoT Intrusion is defined as an unauthorised action or activity that harms the IoT ecosystem. In
other words, an attack that results in any kind of damage to the confidentiality, integrity or
availability of information is considered an intrusion. For example, an attack that will make
the computer services unavailable to its legitimate users is considered an intrusion. An IDS is
defined as a software or hardware system that maintains the security of the system by
identifying malicious activities on the computer systems (Liao et al., 2013a). The main aim of
IDS is to identify unauthorised computer usage and malicious network traffic which is not
possible while using a traditional firewall. This results in making the computer systems
highly protective against the malicious actions that compromise the availability, integrity, or
confidentiality of computer systems. IDS system has two main sub-categories: Signature-
based Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System
(AIDS).

Signature-based intrusion detection systems (SIDS)

Signature intrusion detection systems (SIDS) utilize pattern matching techniques to find a
known attack; these are also known as Knowledge-based Detection or Misuse Detection
(Khraisat et al., 2018). In SIDS, matching methods are used to find a previous intrusion. In
other words, when an intrusion signature matches the signature of a previous intrusion that
already exists in the signature database, an alarm signal is triggered. For SIDS, the host’s logs
are inspected to find sequences of commands or actions which have previously been
identified as malware. SIDS has also been labelled in the literature as Knowledge-Based
Detection or Misuse Detection (Modi et al., 2013).
Figure 2 demonstrates the conceptual working of SIDS approaches. The main idea is to build
a database of intrusion signatures and to compare the current set of activities against the
existing signatures and raise the alarm if a match is found. For example, a rule in the form of
“if: antecedent -then: consequent” may lead to “if (source IP address=destination IP address)
then label as an attack “.
Fig: 5.2 Conceptual working of SIDS approache
SIDS usually gives an excellent detection accuracy for previously known intrusions (Kreibich
& Crowcroft, 2004). However, SIDS is unable to detect zero-day attacks as the database does
not contain a matching signature until the signature of the new attack is extracted and stored.
SIDS is employed in a number of common tools, such as Snort (Roesch, 1999) and NetSTAT
(Vigna & Kemmerer, 1999).
Traditional methods of SIDS have difficulty in identifying attacks that span multiple packets
as they examine network packets and perform matching against a database of signatures.
With the increased sophistication of modern malware, extracting signature information from
multiple packets may be required. With this, IDS needs to bring the contents of earlier
packets as well. For creating a signature for SIDS, generally, there have been several methods
where signatures are created as state machines (Meiners et al., 2010), formal language string
patterns or semantic conditions (Lin et al., 2011).
With the increasing rate of zero-day attacks (Symantec, 2017), SIDS techniques have become
progressively less effective because of the absence of signature for any such attacks. The
other factors such as the polymorphic variants of the malware and the rising amount of
targeted attacks also add up in compromising the adequacy of this traditional model. A
potential solution to this problem would be to use AIDS techniques. AIDS works by
differentiating between acceptable and unacceptable behaviour rather than profiling what is
anomalous, as described in the next section, as described in the next section.

Anomaly-based intrusion detection system (AIDS)

AIDS has attracted a lot of scholars because of its feature to overcome the limitation of SIDS.
In AIDS, a normal model of the behavior of a computer system is created using machine
learning, statistical-based or knowledge-based methods. Any significant deviation between
the observed behavior and the model is regarded as an anomaly, which can be interpreted as
an intrusion. This kind of technique works on the fact that malicious behaviour is different
from typical user behaviour. The behaviour of abnormal users that differentiates from the
standard behaviour is defined as an intrusion. There are two phases in the development of
AIDS: the training phase and the testing phase. In the training phase, the normal traffic
profile is used to learn a model of normal behaviour. In the testing phase, a new data set is
used to develop the system’s capacity to generalise to previously unseen intrusions. AIDS can
be sub-categorized based on the method used for training, for instance, statistical-based,
knowledge-based and machine learning-based (Butun et al., 2014).
The main advantage of AIDS is the ability to identify zero-day attacks because recognizing
the abnormal user activity does not rely on a signature database (Alazab et al., 2012). AIDS
triggers a danger signal when the examined behavior deviates from normal behavior.
Furthermore, AIDS has a number of benefits. First, they can discover internal malicious
activities. If an intruder starts making transactions in a stolen account that are unidentified in
the typical user activity, it creates an alarm. Second, it is challenging for a cybercriminal to
recognize what is a normal user behavior without producing an alert as the system is
constructed from customized profiles.
Table 2 presents the differences between signature-based detection and anomaly-based
detection. The main difference between these two is that AIDS can discover zero-day attacks,
whereas SIDS can only detect previously known intrusions. However, AIDS can result in a
high false-positive rate because anomalies may just be new normal activities rather than
genuine intrusions.
Since there is a lack of a taxonomy for anomaly-based intrusion detection systems, we have
identified five subclasses based on their features: Statistics-based, Pattern-based, Rule-based,
State-based and Heuristic-based as shown in Table 3.

Techniques for implementing AIDS

This section presents an overview of AIDS approaches proposed in recent years for
improving detection accuracy and reducing false alarms.
AIDS methods can be categorized into four main groups: supervised learning (Chao et
al., 2015), unsupervised learning (Elhag et al., 2015; Can & Sahingoz, 2015), reinforcement
learning and deep learning (Buczak & Guven, 2016; Meshram & Haas, 2017). Supervised
learning involves collecting and examining every input variable and an output variable and
you use an algorithm to learn the normal user behaviour from the input to the output. The
objective is to approximate the mapping function so well that when a new input record is
collected that predicts the output variables for that record. On the other hand, Unsupervised
learning tries to identify the requested actions from existing system data such as protocol
specifications and network traffic instances where you only have input data and no
corresponding output variables, while reinforcement learning methods enable an agent to
learn in an interactive environment by trial and error using feedback from its own actions and
experiences. In reinforcement learning, the aim is to obtain an appropriate action model that
would maximize the total cumulative reward of the agent. Deep learning models are based on
artificial neural networks, specifically convolutional neural networks (CNN)s. These four
classes along with examples of their subclasses are shown in Fig. 3.

Fig: 5.3 Classification of AIDS methods

Machine learning is the process of extracting knowledge from large quantities of data.
Machine learning models comprise of a set of rules, methods, or complex “transfer functions”
that can be applied to find interesting data patterns or to recognise or predict behaviour (Dua
& Du, 2016). Machine learning techniques have been applied extensively in the area of
AIDS. To extract the knowledge from intrusion datasets, different algorithms and techniques
such as clustering, neural networks, association rules, decision trees, genetic algorithms, and
nearest neighbour methods are utilized.
Some prior research has examined the use of different techniques to build AIDSs. Chebrolu
et al. examined the performance of two feature selection algorithms involving Bayesian
networks (BN) and Classification Regression Trees (CRC) and combined these methods for
higher accuracy (Chebrolu et al., 2005).
Bajaj et al. proposed a technique for feature selection using a combination of feature selection
algorithms such as Information Gain (IG) and Correlation Attribute evaluation. They tested
the performance of the selected features by applying different classification algorithms such
as C4.5, naïve Bayes, NB-Tree and Multi-Layer Perceptron (Khraisat et al., 2018; Bajaj &
Arora, 2013). A genetic-fuzzy rule mining method has been used to evaluate the importance
of IDS features (Elhag et al., 2015). Thaseen et al. proposed NIDS by using the Random Tree
model to improve accuracy and reduce the false alarm rate (Thaseen & Kumar, 2013).
Subramanian et al. proposed classifying the NSL-KDD dataset using decision tree algorithms
to construct a model for their metric data and studying the performance of decision tree
algorithms (Subramanian et al., 2012).
Various AIDSs have been created based on machine learning techniques as shown in Fig. 4.
The main aim of using machine learning methods is to create IDS that requires less human
knowledge and improve accuracy. The quantity of AIDS which makes use of machine
learning techniques has been increasing in the last few years. The main objective of IDS
based on machine learning research is to detect patterns and build an intrusion detection
system based on the dataset. Generally, there are two categories of machine learning
methods, supervised and unsupervised.

Fig: 5.4 Conceptual working of AIDS approaches based on machine learning

Supervised learning in intrusion detection system

This subsection presents various supervised learning techniques for IDS. Each technique is
presented in detail, and references to important research publications are presented.
Supervised learning-based IDS techniques detect intrusions by using labeled training data. A
supervised learning approach usually consists of two stages, namely, training and testing. In
the training stage, relevant features and classes are identified and then the algorithm learns
from these data samples. In supervised learning IDS, each record is a pair, containing a
network or host data source and an associated output value (i.e., label), namely intrusion or
normal. Next, feature selection can be applied to eliminating unnecessary features. Using the
training data for selected features, a supervised learning technique is then used to train a
classifier to learn the inherent relationship that exists between the input data and the labelled
output value. A wide variety of supervised learning techniques have been explored in the
literature, each with its advantages and disadvantages. In the testing stage, the trained model
is used to classify the unknown data into intrusion or normal class. The resultant classifier
then becomes a model that, given a set of feature values, predicts the class to which the input
data might belong. Figure 5 shows a general approach for applying classification techniques.
The most existing IDSs proposed are trained in a supervised way. It implies that the
cybersecurity professional need to label the network traffic and revise the model manually
from time to time.

Fig: 5.5 Classification as the task

There are many classification methods such as decision trees, rule-based systems, neural
networks, support vector machines, naïve Bayes and k-nearest neighbour. Each technique
uses a learning method to build a classification model. However, a suitable classification
approach should not only handle the training data, but it should also identify accurately the
class of records it has not ever seen before. Creating classification models with reliable
generalization ability is an important task of the learning algorithm.

Decision trees

A decision tree has three basic components. The first component is a decision node, which is
used to identify a test attribute. The second is a branch, where each branch represents a
possible decision based on the value of the test attribute. The third is a leaf that comprises the
class to which the instance belongs (Rutkowski et al., 2014). There are many different
decision tree algorithms, including ID3 (Quinlan, 1986), C4.5 (Quinlan, 2014) and CART
(Breiman, 1996).

Naïve Bayes

This approach is based on applying Bayes' principle with robust independence assumptions
among the attributes. Naïve Bayes answers questions such as “what is the probability that a
particular kind of attack is occurring, given the observed system activities?” by applying
conditional probability formulae. Naïve Bayes relies on the features that have different
probabilities of occurring in attacks and normal behavior. The naïve Bayes classification
model is one of the most prevalent models in IDS due to its ease of use and calculation
efficiency, both of which are taken from its conditional independence assumption property
(Yang & Tian, 2012). However, the system does not operate well if this independence
assumption is not valid, as was demonstrated on the KDD’99 intrusion detection dataset,
which has complex attribute dependencies (Koc et al., 2012). The results also reveal that the
Naïve Bayes model has reduced accuracy for large datasets. A further study showed that the
more sophisticated Hidden Naïve Bayes (HNB) model can be applied to IDS tasks that
involve high dimensionality, extremely interrelated attributes and high-speed networks (Koc
et al., 2012).

Genetic algorithms (GA)

Genetic algorithms are a heuristic approach to optimization, based on the principles of

evolution. Each possible solution is represented as a series of bits (genes) or chromosomes,
and the quality of the solutions improves over time by the application of selection and
reproduction operators, biased to favour fitter solutions. In applying a genetic algorithm to
the intrusion classification problem, there are typically two types of chromosome encoding:
one is according to clustering to generate binary chromosome coding method; another is
specifying the cluster center (clustering prototype matrix) by an integer coding chromosome.
Murray et al. have used GA to evolve simple rules for network traffic (Murray et al., 2014).
Every rule is represented by a genome and the primary population of genomes is a number of
random rules. Each genome is comprised of different genes that correspond to characteristics
such as IP source, IP destination, port source, port destination and 1 protocol type (Hoque &
Bikas, 2012).
Artificial neural network (ANN)

ANN is one of the most broadly applied machine-learning methods and has been shown to be
successful in detecting different malware. The most frequent learning technique employed for
supervised learning is the backpropagation (BP) algorithm. The BP algorithm assesses the
gradient of the network’s error with respect to its modifiable weights. However, for ANN-
based IDS, detection precision, particularly for less frequent attacks, and detection accuracy
still need to be improved. The training dataset for less-frequent attacks is small compared to
that of more-frequent attacks, and this makes it difficult for the ANN to learn the properties
of these attacks correctly. As a result, detection accuracy is lower for less frequent attacks. In
the information security area, huge damage can occur if low-frequency attacks are not
detected. For instance, if the User to Root (U2R) attacks evade detection, a cybercriminal can
gain the authorization privileges of the root user and thereby carry out malicious activities on
the victim’s computer systems. In addition, less common attacks are often outliers (Wang et
al., 2010). ANNs often suffer from local minima and thus learning can become very time-
consuming. The strength of ANN is that, with one or more hidden layers, it can produce
highly nonlinear models that capture complex relationships between input attributes and
classification labels. With the development of many variants such as recurrent and
convolutional NNs, ANNs are powerful tools in many classification tasks including IDS.

Fuzzy logic

This technique is based on the degrees of uncertainty rather than the typical true or false
Boolean logic on which the contemporary PCs are created. Therefore, it presents a
straightforward way of arriving at a conclusion based upon unclear, ambiguous, noisy,
inaccurate or missing input data. With a fuzzy domain, fuzzy logic permits an instance to
belong, possibly partially, to multiple classes at the same time. Therefore, fuzzy logic is a
good classifier for IDS problems as the security itself includes vagueness, and the borderline
between the normal and abnormal states is not well identified. In addition, the intrusion
detection problem contains various numeric features in the collected data and several derived
statistical metrics. Building IDSs based on numeric data with hard thresholds produces high
false alarms. An activity that deviates only slightly from a model could not be recognized, or
a minor change in normal activity could produce false alarms. With fuzzy logic, it is possible
to model this minor abnormality to keep the false rates low. Elhag et al. showed that with
fuzzy logic, the false alarm rate in determining intrusive actions could be decreased. They
outlined a group of fuzzy rules to describe the normal and abnormal activities in a computer
system, and a fuzzy inference engine to define intrusions (Elhag et al., 2015).

Support vector machines (SVM)

SVM is a discriminative classifier defined by a splitting hyperplane. SVMs use a kernel

function to map the training data into a higher-dimensioned space so that intrusion is linearly
classified. SVMs are well known for their generalization capability and are mainly valuable
when the number of attributes is large and the number of data points is small. Different types
of separating hyperplanes can be achieved by applying a kernel, such as linear, polynomial,
Gaussian Radial Basis Function (RBF), or hyperbolic tangent. In IDS datasets, many features
are redundant or less influential in separating data points into correct classes. Therefore,
feature selection should be considered during SVM training. SVM can also be used for
classification into multiple classes. In the work by Li et al., an SVM classifier with an RBF
kernel was applied to classify the KDD 1999 dataset into predefined classes (Li et al., 2012).
From a total of 41 attributes, a subset of features was carefully chosen by using a feature
selection method.

Hidden Markov model (HMM)

HMM is a statistical Markov model in which the system being modeled is assumed to be a
Markov process with unseen data. Prior research has shown that HMM analysis can be
applied to identify particular kinds of malware (Annachhatre et al., 2015). In this technique, a
Hidden Markov Model is trained against known malware features (e.g., operation code
sequence) and once the training stage is completed, the trained model is applied to score the
incoming traffic. The score is then contrasted to a predefined threshold, and a score greater
than the threshold indicates malware. Likewise, if the score is less than the threshold, the
traffic is identified as normal.
K-Nearest Neighbors (KNN) classifier: The k-Nearest Neighbor (k-NN) technique is a
typical non-parametric classifier applied in machine learning (Lin et al., 2015). The idea of
these techniques is to name an unlabelled data sample to the class of its k nearest neighbors
(where k is an integer defining the number of neighbors to be considered). Figure 6 illustrates
a K-Nearest Neighbors classifier where k = 5. The point X represents an instance of
unlabelled data that needs to be classified. Amongst the five nearest neighbors of X, there are
three similar patterns from the class Intrusion and two from the class Normal. Taking a
majority vote enables the assignment of X to the Intrusion class.

Fig: 5.6 An example of classification by k-Nearest Neighbour for k = 5

k-NN can be appropriately applied as a benchmark for all the other classifiers because it
provides a good classification performance in most IDSs (Lin et al., 2015).

Ensemble methods

Multiple machine learning algorithms can be used to obtain better predictive performance
than any of the constituent learning algorithms alone (Vasan et al., 2020a). Training several
classifiers at the same stage to detect different attacks, and then uniting their result to increase
the detection rate. Typically, the ensemble’s ability is better than a single classifier’s, as it can
enhance weak classifiers to produce better results than can a solitary classifier (Aburomman
& Reaz, 2017). Several different ensemble methods have been proposed, such as Boosting,
Bagging and Stacking. Boosting refers to a family of algorithms that can transform weak
learners into strong learners. Bagging means training the same classifier on different subsets
of the same dataset. Stacking combines various classification via a meta-classifier
(Aburomman & Ibne Reaz, 2016). The base-level models are built based on a whole training
set, and then the meta-model is trained on the outputs of the base level model as attributes.
Researchers have revealed that the combination of different classifier techniques is an
effective way to resolve the shortcomings traditional IDSs have when they are applied for
IoT. Jabbar et al. proposed an ensemble classifier that is built using Random Forest and also
the Average One-Dependence Estimator (AODE which solves the attribute dependency
problem in the Naïve Bayes classifier. Random Forest (RF) enhances precision and reduces
false alarms (Jabbar et al., 2017). It is combining both approaches in ensemble results in
improved accuracy over either technique applied independently.
More recently, Khraisat, et al. (Khraisat et al., 2019b) proposed a stacking ensemble method
that combined the C5 decision tree classifier and one-class support vector machine. The
reported classification accuracy of detection of malware is 94% on the IoT intrusion dataset
C5 decision tree classifier, while it is 92.5% in stage two. They reported in the stacking
ensemble, and the classification accuracy was 99.97%.

Unsupervised learning in intrusion detection system

Unsupervised learning is a kind of machine learning that makes use of input datasets without
class labels to extract interesting information. The input data points are normally treated as a
set of random variables. A joint density model is then created for the data set. In supervised
learning, the output labels are given and used to train the machine to get the required results
for an unseen data point. In contrast, in unsupervised learning, no labels are given, and
instead, the data is grouped automatically into various classes through the learning process. In
the context of developing an IDS, unsupervised learning means, use of a mechanism to
identify intrusions by using unlabelled data to train the model. IoT network traffic is clustered
into groups, based on the similarity of the traffic, without the need to pre-define these groups.
As shown in Fig. 7, once records are clustered, all of the cases that appear in small clusters
are labeled as an intrusion because the normal occurrences should produce sizable clusters
compared to the anomalies. In addition, malicious intrusions and normal instances are
dissimilar, thus they do not fall into an identical cluster.
Fig: 5.7 Using Clustering for Intrusion Detection

K-means

The K-means technique is one of the most prevalent techniques of clustering analysis that
aims to separate ‘n’ data objects into ‘k’ clusters in which each data object is selected in the
cluster with the nearest mean. K means it is an iterative clustering algorithm that aids to
obtain the highest value for every iteration. It is a distance-based clustering technique and it
does not need to compute the distances between all combinations of records. It applies a
Euclidean metric as a similarity measure. The number of clusters is determined by the user in
advance. Typically, several solutions will be tested before accepting the most appropriate
one. Annachhatre et al. used the K-means clustering algorithm to identify different host
behaviour profiles (Annachhatre et al., 2015). They have proposed new distance metrics that
can be used in the k-means algorithm to relate the clusters closely. They have clustered data
into several clusters and associated them with known behaviour for evaluation. Their
outcomes have revealed that k-means clustering is a better approach to classify the data using
unsupervised methods for intrusion detection when several kinds of datasets are available.
Clustering could be used in IDS for reducing intrusion signatures, generate a high-quality
signature or similar group intrusion.

Probabilistic clustering

This technique uses probability distribution to create the clusters.

Principal component analysis

is a common method for obtaining a set of low dimensional features from the largest set of
features.

Hierarchical clustering

This is a clustering technique that aims to create a hierarchy of clusters. Approaches for
hierarchical clustering are normally classified into two categories:
1. (i)
Agglomerative- bottom-up clustering techniques where clusters have sub-clusters,
which in turn have sub-clusters and pairs of clusters are combined as one moves up
the hierarchy.
2. (ii)
Divisive - hierarchical clustering algorithms where iteratively the cluster with the
largest diameter in feature space is selected and separated into binary sub-clusters
with a lower range.

Singular value decomposition

It is a method of decomposing a matrix into other matrices as a series of linear

approximations that expose the underlying meaning-structure of the matrix. The goal of
Singular Value Decomposition is to uncover the optimal set of features that best predict the
detection.

Independent component analysis

It is used for showing hidden factors that underlie sets of random features.
A lot of work has been done in the area of the cyber-physical control system (CPCS) with
attack detection and reactive attack mitigation by using unsupervised learning. For example, a
redundancy-based resilience approach was proposed by Alcara (Alcaraz, 2018). He proposed
a dedicated network sublayer that can handle the context by regularly collecting consensual
information from the driver nodes controlled in the control network itself, and discriminating
view differences through data mining techniques such as k-means and k-nearest neighbor.
Chao Shen et al. proposed Hybrid-Augmented device fingerprinting for IDS in Industrial
Control System Networks. They used different machine learning techniques to analyse
network packets to filter anomaly traffic to detect intrusions in ICS networks (Shen et
al., 2018).
Likewise, Khraisat, et al. (Khraisat et al., 2020) experimented with both single and ensemble
classifiers composed of the decision tree, and SVM, for classification of the NLS KDD
intrusion detection evaluation data set. They found that an ensemble of all three classifiers,
based on majority voting, marginally out-performed all other classifiers.

Reinforcement learning

Deep Reinforcement learning utilizes deep learning and reinforcement learning principles for
building IDS. Reinforcement learning involves an agent interacting with an environment. The
agent is trying to achieve a goal of some kind within the environment. The purpose of the
agent is to learn how to interact with its environment in such a way that allows it to achieve
its goals.
Deep reinforcement learning is the application of reinforcement learning to train deep neural
networks. It has an input layer, an output layer, and multiple hidden layers same as prior deep
neural networks. However, our input is the state of the environment. For instance, a bus is
trying to get its passengers to their destination. The inputs are the position, speed, and
direction; our output is a series of possible actions like speed up, slow down, turn left, or turn
right. In addition, we’re feeding our rewards signal into the network so that we can learn to
associate what actions produce positive results given a specific state of the environment.

Deep Q-network

It is combined reinforcement learning and deep neural networks at scale. The algorithm was
developed by enhancing a classic RL algorithm called Q-Learning with deep neural
networks.

Double Q-learning

It is an off-policy reinforcement learning algorithm that utilises double estimation to

counteract overestimation problems with traditional Q-learning.

Deep learning

Deep learning is a form of machine learning where a computer uses a hierarchy of data based
on experience and form multiple layers as an output. Deep learning can be supervised as well
as unsupervised. In the case of supervised deep learning, data can be classified whereas in the
case of unsupervised deep learning data patterns are analyzed. Deep learning is directly
related to artificial intelligence where machines will acquire knowledge by learning with
experience and will replace human intelligence. Deep learning works on the platform of
artificial neural networks by studying massive amounts of data with the help of algorithms
prepared by human intelligence. It is referred to as ‘deep learning’ as the artificial neural
networks possess different deep layers that enables them to learn. Table 4 shows a
Comparison of Machine learning and deep learning. Table 5 shows a summary of the deep
learning model techniques.
In neural networks, each neural node of every single hidden layer calculates the weighted
values receiving from the previous layer and passes on the output values to the subsequent
layer. The result value of the last layer can be considered as the final results achieved by the
neural networks from the raw data.

Fully connected neural networks (FCNN)

Fully Connected Feedforward Neural Networks are the standard network architecture applied
in mainly basic neural network applications. Fully connected denotes that an individual
neuron in the earlier layer is linked to every neuron in the subsequent layer. Feedforward
indicates that neurons in any preceding layer are only ever connected to the neurons in a
subsequent layer. Fully Connected Neural Networks can be used for feature extraction (Wang
et al., 2020).

Recurrent neural network (RNN)

The recurrent neural network can function efficiently on a series of data with variable input
length. This means that RNNs use the information of its prior state as an input for their
current prediction, and we can repeat this process for an arbitrary number of steps allowing
the network to propagate information via its hidden state through time. This is essentially like
giving a neural network a short-term memory. This feature makes RNNs very effective for
working with sequences of data that occur over time. Yin, et al. (Yin et al., 2017) proposed a
deep learning approach for intrusion detection using recurrent neural networks (RNN-IDS).
their experimental results show that RNN-IDS is very appropriate for creating IDS with high
accuracy and that its performance is superior to that of traditional machine learning
classification methods in both binary and multiclass classification.
Generative adversarial networks (GAN)

The Generative Adversarial Network is an integration of two deep learning neural networks:
Generator Network, and a Discriminator Network. The Generator Network produces
synthetic data, and the Discriminator Network tries to detect if the data that it’s seeing is real
or synthetic. These two networks are adversaries in the sense that they’re both competing to
beat one another.

Convolutional neural network (CNN)

A Convolutional Neural Network is contained of one or more convolutional layers and then
linked by one or more fully connected layers as in a standard multilayer neural network
(Vasan et al., 2020b). A convolutional neural network contains an input and an output layer,
as well as multiple hidden layers. The hidden layers of a CNN typically contain a sequence of
convolutional layers that convolve with a multiplication. A CNN receives a 2-D input and
abstracts high-level features via a sequence of hidden layers. CNN’s, which better upon the
architecture of the common neural networks, benefit from spatial features (Vasan et
al., 2020c). Spatial features are usually applied types of traffic features in the area of IDS.
When applying spatial features, network traffic is reformed into traffic images; it follows that
the image classification technique is used to categorize the traffic images, which also
ultimately achieves the objective of detecting the intrusion traffic. This technique is
comparatively recent, but then numerous recent research results prove its great potential. For
example, Vasan, et al. (Vasan et al., 2020b) adopted CNNS techniques and transformed the
raw malware binary into both grayscale and colour images and apply the fine-tuned CNN
architecture.

Autoencoder

An autoencoder is trained to restructure its inputs. Autoencoders have been used for
developing online IoT IDS (Mirsky et al., 2018). In general, an autoencoder trained on X
gains the capability to restructure unobserved instances from the identical data distribution as
X. If an instance does not be appropriate to the model learned from X, then it is expected the
restructure to have a high error.
IoT IDS deployment strategies

IDS can also be classified based on the deployment used to detect IoT attacks. In IDS
Deployment strategies, IDS can be classified as distributed, centralized or hybrid.

Distributed IDS

In distributed placement, the IoT devices could be responsible for checking other IoT
devices. Distributed IDS be made up of several IDS over a big IoT ecosystem, all of which
communicate with each other, or with a central server that assists advanced intrusion
detection systems, packet analysis, and incident response.
Several IDS deploy distributed architectures. This includes a subset of the network checking
the other nodes. Distributed IDS offers the incident analyst many advantages over centralized
IDS. The main benefit is the capability to identify attack forms across a whole IoT
ecosystem. This might increase prompt IoT attack prevention and detection. The additional
supported benefit is to allow early detection of an IoT Botnet creating its way through
corporate IoT devices. This data could then be used to detect and clean systems that have
been infected by the IoT Botnet and stop further spread of the Botnet into the IoT ecosystem
consequently take down any IoT devices damaged that would otherwise have occurred.
Furthermore, the advantage of distributed IDS rather than centralized IDS computing
resources also implies reduced control over those resources.

Centralized IDS

In the centralized IDS location, the IDS is placed in central devices, for instance, in the
boundary switch or a nominated device. All the information that the IoT devices collect and
then send to the network boundary switch passes through the boundary switch (Benkhelifa et
al., 2018). Consequently, the IDS positioned in a boundary switch can check the packets
switched between the IoT devices and the network. Despite this, checking the network
packets that pass through the boundary switch is not adequate to identify anomalies that
affect the IoT devices. The network traffic is monitored in centralized IDS. This traffic is
extracted from the network through different network data sources such as packet capture,
NetFlow, etc. The computers connected in a network can be monitored by Network-based
IDS. Moreover, NIDS is also capable of monitoring the external malicious activities that
could have been commenced from an external threat at an earlier stage, before these threats
expand to other computer systems. However, NIDS comes with some limitations such as its
restricted ability to inspect the whole data in a high bandwidth network because of the
volume of data passing through modern high-speed communication networks (Bhuyan et
al., 2014). NIDS deployed at several positions within a particular network topology, together
with HIDS and firewalls, can provide a concrete, resilient, and multi-tier protection against
both external and insider attacks. shows a summary of comparisons between IDS deployment
strategies.
Data source consists of system calls, application program interfaces, log files, data packets
that are extracted from well-known attacks. These data sources can be useful to classify
intrusion behaviors from abnormal actions.

Hierarchical IDS

In Hierarchical IDS, the network is separated into clusters. The sensor nodes that are adjacent
to each other typically belong to the same cluster. Each cluster is assigned a leader, the so-
called cluster head that screens the member nodes and plays a part in network-wide analyses.

IDS validation strategies

IDS Validation is the process for determining whether the IoT IDS model is an accurate
enough representation of the system, for detecting IoT attacks. To validate the effectiveness
of IDSs, researchers have used different techniques such as theoretical, empirical, and
hypothetical strategies for validating their techniques.
There are many classification metrics for IDS, some of which are known by multiple names.
shows the confusion matrix for a two-class classifier which can be used for evaluating the
performance of an IDS. Each column of the matrix represents the instances in a predicted
class, while each row represents the instances in an actual class.
IDS are typically evaluated based on the following standard performance measures:
 True Positive Rate (TPR): It is calculated as the ratio between the number of correctly
predicted attacks and the total number of attacks. If all intrusions are detected then the
TPR is 1 which is extremely rare for an IDS. TPR is also called a Detection Rate (DR)
or the Sensitivity. The TPR can be expressed mathematically as
���=����+��

False Positive Rate (FPR): It is calculated as the ratio between the number of normal
instances incorrectly classified as an attack and the total number of normal instances.
���=����+��
  False Negative Rate (FNR): False negative means when a detector fails to identify an
anomaly and classifies it as normal. The FNR can be expressed mathematically as:
���=����+��

 Classification rate (CR) or Accuracy: The CR measures how accurate the IDS is in
detecting normal or anomalous traffic behavior. It is described as the percentage of all
those correctly predicted instances to all instances:
��������=��+����+��+��+��

Receiver Operating Characteristic (ROC) curve: ROC has FPR on the x-axis and TPR on the
y-axis. In the ROC curve, the TPR is plotted as a function of the FPR for different cut-off
points. Each point on the ROC curve represents an FPR and TPR pair corresponding to a
certain decision threshold. As the threshold for classification is varied, a different point on the
ROC is selected with different False Alarm Rate (FAR) and different TPR. A test with
perfect discrimination (no overlap in the two distributions) has a ROC curve that passes
through the upper left corner (100% sensitivity, 100% specificity).

State-of-the-art intrusion detection in IoT

Table 8 shows a summary of the proposed research to IDSs for IoT.

Table 8 Summary of the proposed research to IDSs for IoT

Cho et al. proposed a methodology for checking packets that are passing through the border
router for communication between physical and network devices. Their methodology is based
on the botnet attacks by checking the packet length (Cho et al., 2009). However, no
information is presented about the technique employed to create a normal behaviour profile.
It is also not clear how the proposed IDS techniques would work on resource constraints
nodes in the IoT.
Rathore et al. proposed semi-supervised Fuzzy learning-based distributed attack detection
framework for IoT (Rathore & Park, 2018). The evaluation was done on the NSL-KDD
dataset and consequently suffered from the same limitations concerning the dataset as
mentioned above.
Hodo et al. use an Artificial Neural Network (ANN) to detect DDoS and DoS attacks against
legitimate IoT network traffic. The proposed ANN model was tested with the use of a
simulated IoT network. Hoda et al. proposed a threat analysis of IoT using ANN to detect
DDoS/DoS attacks. A multi-level perceptron, a type of supervised ANN, is trained using
internet packet traces and then the model is assessed on its ability to thwart (DDoS/DoS)
attacks (Hodo et al., 2016). Hoda et al. did not consider effectiveness after the deployment of
the proposed IDS in the IoT ecosystem on low-capacity devices. According to their
experimentation, the system achieved an accuracy of 99.4% for DDoS/DoS. However, no
details of the dataset are provided.
Diro et al. developed an IoT network attack detection system based on distributed deep
learning. Their work showed that distributed attack detection could identify IoT attacks better
than a centralized strategy with a 96% detection rate. Their approach was evaluated using the
NLS-KDD dataset. Even though this dataset is another version of the KDD data set, it still
suffers from various issues reviewed by McHugh (McHugh, 2000). We believe this dataset
should not be used as a practical benchmark dataset in the IoT as this data was collected from
the traditional network (Diro & Chilamkurti, 2018). This leads us to develop IDSs that take
into consideration the specific requirement of IoT protocol such as (Low-power Wireless
Personal Area Networks) 6LowPAN. Hence, the Intrusion detection system that is created for
the IoT ecosystem should operate under rigorous settings of low processing ability, high-
speed connection, and big capacity data processing.
Moustafa et al. proposed an ensemble of IDSs to detect abnormal activities, in specific botnet
attacks against Domain Name System (DNS), Hypertext Transfer Protocol (HTTP) and
Message Queue Telemetry Transport (MQTT) (Moustafa et al., 2019). Their ensemble
methods are based on the AdaBoost learning method and they used three machine learning
techniques: Artificial Neural Networks (ANN), Decision Tree (DT) and Naive Bayes (NB) to
evaluate their methodology (Moustafa et al., 2019). The proposed IDS result in significant
overhead which degrades its performance.
Cervantes, et al. proposed IDS for detecting sinkhole attacks on 6LoWPAN for the IoT. Their
IDS approach applies a combination of anomaly detection and support vector machine
(SVM). IDS during the training process, each IDS agent trains the SVM and executes a
majority voting decision to mark the infected nodes (Cervantes et al., 2015). Their simulation
results show that their IDS achieve a sinkhole detection rate of up to 92% on the fixed
scenario and 75% in a mobile scenario. However, their approach has not been evaluated for
other types of attacks in the IoT.
Khraisat, et al. (Khraisat et al., 2019b) proposed an ensemble Hybrid Intrusion Detection
System (HIDS) by combining a C5 classifier and a One-Class Support Vector Machine
classifier. C5 classifier is used to detect well know intrusion. One-Class Support Vector
Machine classifier is used to detect a new attack.
Attacks on IoT ecosystem

As IoT technology involves many devices like sensors, processors and many other
technologies, the purpose of sharing the data and connecting to other networks has been
served successfully. As it involves many devices connected, the data shared may not be
secure and the security concern raises. IoT Security refers to protect the information shared
among different networks through IoT devices using IoT technology. These devices are
connected to others using the internet which allows vulnerabilities to take place by allowing
the hacker to hack the data. Data without the security will lead to many concerns and brings
huge loss for many industries and even to the individuals ending with the loss of the data
from their systems (Khraisat et al., 2019b).
IoT grabbed the attention of the people and the organizations from many sectors onto it, by
providing extreme benefits to them. Along with its tremendous growth, some security issues
have risen by which IoT attacks have taken place by preventing people to use many of its
upcoming applications. Hence, this section report discusses the concept of IoT security, the
Challenge of IoT security, the impacts of them followed by the IoT attack and its types. IoT
devices can be accessed from any place within a trusted network. So, there are chances of lots
of malicious attacks in the IoT network. Hence, security, privacy, and confidentiality issues
must be appropriately addressed in the IoT to protect it from malicious attacks. For example,
the attacking of traffic lights and driverless vehicles not only reasons chaos and rises
contamination, but also can initiate harm and severe collisions leading to wounded.
Different devices and equipment of home and office can be virtually connected with the help
of the internet to left them they can perform their activities by monitoring the device’s
remote.
Figure 8 shows the IoT system architecture with layers where attacks can occur. An IoT
system can comprise three fundamental layers which are the perception layer, network layer,
and application layer (Liao et al., 2013a). The perception layer is the lowest layer of the
conventional architecture of IoT. This layer consists of devices, sensors, and controllers. This
layer’s fundamental task is to gather valuable information from IoT sensors systems.
Fig: 5.8 IoT architecture and layer attacks

In the network layer, IoT involves a variety of diverse networks such as WSNs, wireless
mesh networks, WLAN, etc. These networks help sensors in IoT exchange information. A
gateway can simplify the communication of several sensors over the network. Thus, a
gateway could be beneficial to handle many complex aspects involved in communication on
the network. The network layer ensures the successful transmission of data while the
application layer is the highest layer that processes the data for visualization.
In the application layer, the data source can be obtained from Internet Service Provider (ISP)
and mobile network providers’ web-based services, virtual online identities, edge network,
devices logs, Radio-Frequency Identification (RFID) tags, and readers, etc.
Most of the attackers’ target IoT devices and equipment rather than a single PC. IoT has an
interconnection of various devices and equipment along with some embedded devices as
well. The major causes of IoT as a malware target can be summarized below:
 All the devices and equipment in an IoT need to be always on and it is easy for
attackers to assess that equipment where the power mode is on at any point in time.
 Devices and equipment interconnected in an IoT are always connected and the
attackers may access the interconnected devices from a single device.
 In most cases, proper security measures and knowledge to defend and tackle attack in
a whole set of interconnected devices is difficult than in a single PC.
 Lack of proper encryption features in the interconnecting devices and weak passwords
is another cause of malware target in IoT.
 The level of sophistication for the exploitation of the IoT is much lower and easy as
compared to a single device.
 Twenty-four hours of internet exposure of the IoT devices and equipment is another
cause of IoT as a malware target. Due to the unlimited internet connection, the
devices will accept the incoming traffic signals and become vulnerable to attacks.
The attributes and features of malware differ in a single device and a set of interconnected
devices and equipment.
Table 9 shows the different security attributes of a single device that is PC and the set of
devices that is IoT about malware. Cyber-attacks on IoT applications can be both internal and
external attacks. The attacker is a compromised node of the network in an inside attack
whereas the attacker is not a part of the network in an outside attack. Figure 9 shows the
significant types of cyber-attack that target IoT applications. The types of attacks as well as
how the attack will impact the IoT network and their implications are described.
Fig: 5.9 Taxonomy of Security attacks within IoT

Physical/perception layer

Attacks are based on hidden aspects of devices and equipment. These attacks can take control
of the device by tampering with hardware. IoT physical attacks are launched when an attack
is close to the network or IoT device. Some of the significant threats at the
physical/perception layer include:
In this paper, an Intrusion
Detection System (IDS) for
cybersecurity based on a
Convolutional Neural Network
(CNN) classifier is proposed. The
convolution and pooling
process of CNN allow the
proposed IDS model to learn
complicated patterns of features form
network traffic, while
maintaining reasonable storage and
computation overhead.
This feature differentiates the
proposed IDS model with the
traditional one, which requires a
signature database that is
usually handmade by security
experts to perform
classification. Also, an innovative
dataset preprocessing
method is used to boost the multi-
class classification
performance of the proposed CNN
based IDS. In our
evaluation using CICIDS2017
security database, the
proposed IDS model outperforms
nine other well-known
classifier models in most multi-
class classification
categories. More specifically, out of
the 14 available attack
classes in CICIDS2017, the
proposed model reaches the
highest Detection Rate (DR) at 10
attack classes compared
to the nine selected models. This
IDS model also has the
highest True Negative Rate (TNR)
and the lowest False
Alarm Rate (FAR) for benign
network traffic. Also, the
proposed IDS provides better
multi-class classification
results than some other recently
proposed CNN based IDS,
which only capable of only one-
class classification or
classifying a few classes. In addition,
it shows the potential
at detecting innovative attacks,
which the traditional IDS
models struggle to perform. Some
custom datasets were used
to evaluate this model’s
performance at innovative DoS
attacks. The simulation results
indicate that the proposed
model is capable of detecting some
DoS samples that the
model never encounters in its training
process.
The proposed IDS reaches a new
altitude at detecting
cyberattacks, which the traditional
IDS models never
achieve. This model not only
offers protection against the
known attacks with a high DR and
low FAR, but also shows
CHAPTER-6
CONCLUSION

In this paper, an Intrusion Detection System (IDS) for cybersecurity based on a

Convolutional Neural Network (CNN) classifier is proposed. The convolution and pooling
process of CNN allow the proposed IDS model to learn complicated patterns of features
form network traffic, while maintaining reasonable storage and computation overhead.
This feature differentiates the proposed IDS model with the traditional one, which requires
a signature database that is usually handmade by security experts to perform
classification. Also, an innovative dataset preprocessing method is used to boost the
multi-class classification performance of the proposed CNN based IDS. In our
evaluation using CICIDS2017 security database, the proposed IDS model outperforms
nine other well-known classifier models in most multi-class classification categories.
More specifically, out of the 14 available attack classes in CICIDS2017, the proposed
model reaches the highest Detection Rate (DR) at 10 attack classes compared to the nine
selected models. This IDS model also has the highest True Negative Rate (TNR) and
the lowest False Alarm Rate (FAR) for benign network traffic. Also, the proposed IDS
provides better multi-class classification results than some other recently proposed CNN
based IDS, which only capable of only one-class classification or classifying a few
classes. In addition, it shows the potential at detecting innovative attacks, which the
traditional IDS models struggle to perform. Some custom datasets were used to evaluate
this model’s performance at innovative DoS attacks. The simulation results indicate
that the proposed model is capable of detecting some DoS samples that the model
never encounters in its training process. The proposed IDS reaches a new altitude at
detecting cyberattacks, which the traditional IDS models never achieve. This model not
only offers protection against the known attacks with a high DR and low FAR, but also
shows
 CHAPTER-7
REFERENCES

[1] Anderson, James P., Computer Security Threat Monitoring and Surveillance,
Washing, PA, James P. Anderson Co., 1980.
[2] Wenke Lee et al., "Real time data mining-based intrusion detection," In Proceedings
DARPA Information Survivability Conference and Exposition II. DISCEX'01, Anaheim,
CA, USA, pp. 89-100, 2001.
[3] Jyothsna, V. V. R. P. V., VV Rama Prasad, and K. Munivara Prasad, "A review of
anomaly based intrusion detection systems," International Journal of Computer
Applications, vol. 28, no. 7, pp. 26-35, 2011.
[4] G. Ciaburro and B. Venkateswaran. “Neural networks with R: smart models using
CNN, RNN, deep learning, and artificial intelligence principles.” Birmingham, UK: Packt
Publishing, 2017.
[5] J. Kiefer and J. Wolfowitz, “Stochastic Estimation of the Maximum of a Regression
Function,” The Annals of Mathematical Statistics, vol. 23, no. 3, pp. 462-466, 1952.
[6] Bottou, Léon, Frank E. Curtis, and Jorge Nocedal, "Optimization methods for large-
scale machine learning," Siam Review, vol. 60, no. 2, pp. 223-311, 2018.
[7] M. Roopak, G. Yun Tian and J. Chambers, "Deep learning models for cyber security in
IoT networks," In Proceedings of IEEE 9th Annual Computing and Communication
Workshop and Conference, Las Vegas, NV, USA, pp. 0452-0457, 2019.
[8] Yeom, Sungwoong, and Kyungbaek Kim, "Detail analysis on machine learning based
malicious network traffic classification." In Proceedings of the International Conference
on Smart Media & Applications, pp. 49-53, 2019.
[9] Kim, Jiyeon, Yulim Shin, and Eunjung Choi, "An Intrusion Detection Model based on a
Convolutional Neural Network," Journal of Multimedia Information System, vol. 6, no. 4,
pp. 165-172, 2019.
[10] Khraisat, Ansam, et al. "Survey of intrusion detection systems: techniques, datasets
and challenges," Cybersecurity, vol. 2, no. 1, p. 20, 2019.
[11] Y. Gu, K. Li, Z. Guo, and Y. Wang, “Semi-supervised K-means DDoS detection
method using hybrid feature selection algorithm,” IEEE Access, vol. 7, pp. 64351–64365,
2019.