Detecting Impersonation Attacks on IoT

Abstract

The Internet of Things has many security challenges that need to be overcome with the IoT's limited resources. An Intrusion Detection System (IDS) is a critical part of every IoT network for detecting different attack types. Impersonation attacks are difficult to spot in the IoT environment; an attacker acts as a legitimate node and can launch further attacks, e.g. Denial of Service DoS. This project used machine learning techniques to build an IDS that detects impersonation attacks through a classification model that operated as a part of the IDS. This project constructed the model using the AWID dataset. First, a dataset preparation process normalised and balanced the dataset, then a Stacked Auto-encoder (SAE) was used to extract the essential features. After that, Mutual Information (MI) was used to select the 20 features with the highest MI values. Finally, a Support Vector Machine (SVM) was used for classification and, combined with Recursive Feature Elimination (RFE), selected eight SVM features. The results showed an excellent performance with an accuracy of 99.01%, a detection rate of 99.61%, and a false alarm rate of 0.38%. This project outperformed existing benchmark models, and a comparison shows the substantial improvement of the performance across different measures.