Ensemble-based Intrusion Detection for Internet of Things Devices
Priscilla Kyei Danso, Euclides Carlos Pinto Neto, Sajjad Dadkhah, Alireza Zohourian, Heather Molyneaux, Ali A. Ghorbani
Abstract
Security, privacy, and interoperability challenges have arisen as the Internet of Things (IoT) devices proliferate and become increasingly connected. IoT devices have resource constraints such as computational capabilities, power consumption, onboard storage, and network bandwidth, which limit the implementation of cryptographic solutions. The heterogeneous nature of IoT devices makes them an avenue for attackers to exploit threats like spoofing, routing, MITM, and DoS attacks. With the current sophistication of threats IoT devices are subjected to, an Intrusion Detection System (IDS) is the preferred solution for IoT devices. An IDS continuously monitors incoming traffic and discovers potential threats in incoming and outgoing traffic. This research proposes a novel intelligent ensemble-based IDS that will reside in the IoT gateway. The uniqueness of our approach lies in an ensemble learning approach that combines multiple machine learning methods to improve prediction performance and detection accuracy. Ensemble learning has been studied to increase the detection rate while obtaining better generalization performance due to combining several Machine Learning (ML) models, also known as base learners. Three popularly known ensemble models (i.e., boosting, stacking, and voting) are employed to assess our proposed IDS performance. The proposed method use algorithms such as Naïve Bayes (NB), Support Vector Classification (SVC), and <tex xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">$k$</tex> -Nearest Neighbors ( <tex xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">$k$</tex> NN). Lastly, the proposed approach will be evaluated on two publicly available datasets; Intrusion Detection Evaluation Dataset (CIC-IDS2017) and N-BaIoT.