الفهرس 
Machine learning methods in intrusion detectionOnly 14 pages are availabe for public view
 |  | from | 138 |  |  |
| | | from | 138 | | |
Abstract
The internet of things (IoT) is a collection of common physical things which
can communicate and synthesize data utilizing network infrastructure by
connecting to the Internet. The IoT has the potential to capture sensitive data and
should be able to withstand attacks and privacy concerns. In the IoT, these
digital sensors or devices are known as "things". IoT networks are growing
increasingly vulnerable to security breaches as their popularity grows. One among
the most popular severe dangers to IoT security is cyber security attacks such as
distributed denial of service (DDoS) and denial of service (DoS). These attacks
take several forms and target various resources on a wide range of IoT devices.
These cyberattacks frequently target a large number of devices in an IoT network.
Many academics are increasingly interested in enhancing the security of IoT
systems. Based on malicious detection systems, machine learning (ML)
approaches were employed to provide a high level of security capabilities. This
work proposed a novel malicious detection system based on machine learning
(ML) methods to detect attacks in IoT and mitigate malicious occurrences.
Furthermore, NSL-KDD or KDD-CUP99 datasets are used in the great majority of
current studies, these datasets are not updated with new attacks. As a consequence,
this study used the ToN_IoT dataset, which was created from a large-scale,
heterogeneous IoT network.
The ToN_IoT dataset reflects data from each layer of the IoT system such as
(cloud, fog, and edge layers). The proposed model is a distributed malicious model
which based on a multi-layer of the IoT system. Various ML methods were
assessed in each specific sector of the ToN_IoT dataset. The proposed model is the
first suggested model that is based on the collected data from the same IoT system
from all layers and devices/sensors.
The Chi 2 technique was used to pick features in a network dataset. It reduced the
number of features to 20, which resulted in a faster training time, lower model
complexity, and the best overall performance throughout the dataset. Another
feature selection tool employed in the windows dataset was the correlation matrix,
which was used to extract the most relevant features from the whole dataset. To
balance the classes, the SMOTE method was used. It is enhanced overall
performance by lowering the dominant class bias, reducing overfitting, and
reducing dominant class bias. Using Chi 2 , SMOTE, and the correlation matrix as
preprocessing tools, a satisfactory assessment measure will be produced. In this
work, numerous machine learning methods were put to the test in both binary and
multi-class classification problems. According to the findings, the XGBoost
approach beats other ML methods in the whole dataset for all malicious detection
nodes.
Keywords: Malicious detection, Intrusion detection system (IDS), Internet of
Things (IoT), ToN_IoT dataset, machine learning (ML), XGBoost classifier.