Keywords: big data; cybersecurity; game theory; intrusion detection system; network traffic; transfer learning

Source: DOI:10.3390/s24134152

Abstract:
Internet of Things (IoT) applications and resources are highly vulnerable to flood attacks, including Distributed Denial of Service (DDoS) attacks. These attacks overwhelm the targeted device with numerous network packets, making its resources inaccessible to authorized users. Such attacks may comprise attack references, attack types, sub-categories, host information, malicious scripts, etc. These details assist security professionals in identifying weaknesses, tailoring defense measures, and responding rapidly to possible threats, thereby improving the overall security posture of IoT devices. Developing an intelligent Intrusion Detection System (IDS) is highly complex due to its numerous network features. This study presents an improved IDS for IoT security that employs multimodal big data representation and transfer learning. First, the Packet Capture (PCAP) files are crawled to retrieve the necessary attacks and bytes. Second, Spark-based big data optimization algorithms handle huge volumes of data. Third, a transfer learning approach such as word2vec retrieves semantically based observed features. Fourth, an algorithm is developed to convert network bytes into images, and texture features are extracted by configuring an attention-based Residual Network (ResNet). Finally, the trained text and texture features are combined and used as multimodal features to classify various attacks. The proposed method is thoroughly evaluated on three widely used IoT-based datasets: CIC-IoT 2022, CIC-IoT 2023, and Edge-IIoT. The proposed method achieves excellent classification performance, with an accuracy of 98.2%. In addition, we present a game theory-based process to validate the proposed approach formally.