MULTI-CLASS CLASSIFICATION TECHNIQUE TO DETECT IOT ATTACKS IN REAL TIME

Abstract

The Internet of Things (IoT) has undergone remarkable expansion in recent years, leading to a proliferation of devices capable of connecting to the internet, collecting data, and sharing information. However, this rapid growth has also introduced a myriad of security challenges, resulting in an uptick in cyber-attacks targeting IoT infrastructures. To mitigate these threats and ensure the integrity of data, researchers have been actively engaged in the development of robust Intrusion Detection Systems (IDS) utilizing various machine learning (ML) techniques. This dissertation presents a comprehensive overview of three distinct approaches toward IoT intrusion detection, each leveraging ML methodologies to enhance security measures. The first approach focuses on a multi-class classification algorithm, integrating models such as random forest, logistic regression (LR), decision tree (DT), and Xgboost. Through meticulous evaluation utilizing evaluation metrics including F1 score, recall, and precision under the Receiver Operating Characteristics (ROC) curve, this approach demonstrates a remarkable 99 % accuracy in detecting IoT attacks. In the second approach, a deep ensemble model comprising Multilayer Perceptron (MLP), Convolutional Neural Network (CNN), and Long Short-Term Memory (LSTM) architectures is proposed for intrusion detection in IoT environments. Evaluation on the UNSW 2018 IoT Botnet dataset showcases the proficiency of this approach, achieving an accuracy of 98.4 % in identifying malicious activities. Lastly, the dissertation explores a real-time Intrusion Detection System (IDS) framework deployed within the Pyspark architecture, aimed at efficiently detecting IoT attacks while minimizing detection time. Employing the OneVsRest (OVR) technique and the IoT-23 dataset, this approach employs various ML algorithms, with Extreme Gradient Boosting achieving the highest accuracy of 98.89 %. Notably, Random Forest exhibits superior training and detection times, with a mere 0.0311 seconds required for detection. Through a thorough examination of these methodologies and their corresponding results, this dissertation underscores the significance of employing ML techniques in fortifying IoT security infrastructures. By leveraging advanced algorithms and evaluation metrics, the proposed approaches offer valuable insights into enhancing intrusion detection accuracy in IoT environments while addressing real-time constraints.