TY - JOUR
T1 - Hybrid Deep Learning-Based Intrusion Detection System for RPL IoT Networks
AU - Al Sawafi, Yahya
AU - Touzene, Abderezak
AU - Hedjam, Rachid
N1 - Publisher Copyright:
© 2023 by the authors.
DBLP License: DBLP's bibliographic metadata records provided through http://dblp.org/ are distributed under a Creative Commons CC0 1.0 Universal Public Domain Dedication. Although the bibliographic metadata records are provided consistent with CC0 1.0 Dedication, the content described by the metadata records is not. Content may be subject to copyright, rights of privacy, rights of publicity and other restrictions.
PY - 2023/3/8
Y1 - 2023/3/8
N2 - Internet of things (IoT) has become an emerging technology transforming everyday physical objects to be smarter by using underlying technologies such as sensor networks. The routing protocol for low-power and lossy networks (RPL) is considered one of the promising protocols designed for the IoT networks. However, due to the constrained nature of the IoT devices in terms of memory, processing power, and network capabilities, they are exposed to many security attacks. Unfortunately, the existing Intrusion Detection System (IDS) approaches using machine learning that have been proposed to detect and mitigate security attacks in internet networks are not suitable for analyzing IoT traffics. This paper proposed an IDS system using the hybridization of supervised and semi-supervised deep learning for network traffic classification for known and unknown abnormal behaviors in the IoT environment. In addition, we have developed a new IoT specialized dataset named IoTR-DS, using the RPL protocol. IoTR-DS is used as a use case to classify three known security attacks (DIS, Rank, and Wormhole). The proposed Hybrid DL-Based IDS is evaluated and compared to some existing ones, and the results are promising. The evaluation results show an accuracy detection rate of 98% and 92% in f1-score for multi-class attacks when using pre-trained attacks (known traffic) and an average accuracy of 95% and 87% in f1-score when predicting untrained attacks for two attack behaviors (unknown traffic).
AB - Internet of things (IoT) has become an emerging technology transforming everyday physical objects to be smarter by using underlying technologies such as sensor networks. The routing protocol for low-power and lossy networks (RPL) is considered one of the promising protocols designed for the IoT networks. However, due to the constrained nature of the IoT devices in terms of memory, processing power, and network capabilities, they are exposed to many security attacks. Unfortunately, the existing Intrusion Detection System (IDS) approaches using machine learning that have been proposed to detect and mitigate security attacks in internet networks are not suitable for analyzing IoT traffics. This paper proposed an IDS system using the hybridization of supervised and semi-supervised deep learning for network traffic classification for known and unknown abnormal behaviors in the IoT environment. In addition, we have developed a new IoT specialized dataset named IoTR-DS, using the RPL protocol. IoTR-DS is used as a use case to classify three known security attacks (DIS, Rank, and Wormhole). The proposed Hybrid DL-Based IDS is evaluated and compared to some existing ones, and the results are promising. The evaluation results show an accuracy detection rate of 98% and 92% in f1-score for multi-class attacks when using pre-trained attacks (known traffic) and an average accuracy of 95% and 87% in f1-score when predicting untrained attacks for two attack behaviors (unknown traffic).
KW - RPL
KW - deep learning
KW - intrusion detection systems
KW - machine learning
KW - routing protocols
KW - security
UR - http://www.scopus.com/inward/record.url?scp=85153777455&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85153777455&partnerID=8YFLogxK
UR - https://www.mendeley.com/catalogue/ab4ee50e-ea05-3306-8bd7-fb750f77b77d/
U2 - 10.3390/jsan12020021
DO - 10.3390/jsan12020021
M3 - Article
AN - SCOPUS:85153777455
SN - 2224-2708
VL - 12
SP - 21
JO - Journal of Sensor and Actuator Networks
JF - Journal of Sensor and Actuator Networks
IS - 2
M1 - 2
ER -