Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)

Uno de los campos en los que la Inteligencia Artificial (IA) debe seguir innovando es la seguridad informática. La integración de las Redes Inalámbricas de Sensores (WSN) con el Internet de las Cosas (IoT) crea ecosistemas de superficies atractivas para las intrusiones de seguridad, siendo vulnerabl...

Full description

Autores:: Gutierrez Portela, Fernando
Arteaga Arteaga, Harold Brayan
Almenares Mendoza, Florina
Calderon Benavides , Liliana
Acosta Mesa, Hector Gabriel
Tabares Soto, Reinel

Tipo de recurso:: Article of investigation

Fecha de publicación:: 2023

Institución:: Universidad Cooperativa de Colombia

Repositorio:: Repositorio UCC

Idioma:

id	COOPER2_0659d7e2e3062c5ad7c41b6a09e1442d
oai_identifier_str	oai:repository.ucc.edu.co:20.500.12494/52795
network_acronym_str	COOPER2
network_name_str	Repositorio UCC
repository_id_str
dc.title.none.fl_str_mv	Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)
title	Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)
spellingShingle	Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI) Deep learning Internet de las cosas Sistema de detección de intrusos Aprendizaje automático Red de sensores inalámbricos. Deep learning Internet of things Intrusion detection system Machine learning Wireless sensor network
title_short	Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)
title_full	Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)
title_fullStr	Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)
title_full_unstemmed	Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)
title_sort	Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)
dc.creator.fl_str_mv	Gutierrez Portela, Fernando Arteaga Arteaga, Harold Brayan Almenares Mendoza, Florina Calderon Benavides , Liliana Acosta Mesa, Hector Gabriel Tabares Soto, Reinel
dc.contributor.author.none.fl_str_mv	Gutierrez Portela, Fernando Arteaga Arteaga, Harold Brayan Almenares Mendoza, Florina Calderon Benavides , Liliana Acosta Mesa, Hector Gabriel Tabares Soto, Reinel
dc.subject.none.fl_str_mv	Deep learning Internet de las cosas Sistema de detección de intrusos Aprendizaje automático Red de sensores inalámbricos.
topic	Deep learning Internet de las cosas Sistema de detección de intrusos Aprendizaje automático Red de sensores inalámbricos. Deep learning Internet of things Intrusion detection system Machine learning Wireless sensor network
dc.subject.other.none.fl_str_mv	Deep learning Internet of things Intrusion detection system Machine learning Wireless sensor network
description	Uno de los campos en los que la Inteligencia Artificial (IA) debe seguir innovando es la seguridad informática. La integración de las Redes Inalámbricas de Sensores (WSN) con el Internet de las Cosas (IoT) crea ecosistemas de superficies atractivas para las intrusiones de seguridad, siendo vulnerables a ataques múltiples y simultáneos. Esta investigación evalúa el rendimiento de técnicas ML supervisadas para la detección de intrusiones basadas en capturas de tráfico de red. Este trabajo presenta un nuevo conjunto de datos equilibrado (IDSAI) con intrusiones generadas en entornos de ataque en un escenario real. Este nuevo conjunto de datos se ha proporcionado con el fin de contrastar la generalización del modelo a partir de diferentes conjuntos de datos. Los resultados muestran que para la detección de intrusos, los mejores algoritmos supervisados son XGBoost, Gradient Boosting, Decision Tree, Random Forest, y Extra Trees, que pueden generar predicciones cuando se entrenan y predicen con diez intrusiones específicas (como ARP spoofing, ICMP echo request Flood, TCP Null, y otras), tanto de forma binaria (intrusión y no intrusión) con hasta un 94% de precisión, como de forma multiclase (diez intrusiones diferentes y no intrusión) con hasta un 92% de precisión. Por el contrario, se alcanza hasta un 90% de precisión para la predicción en el conjunto de datos Bot-IoT utilizando modelos entrenados con el conjunto de datos IDSAI.
publishDate	2023
dc.date.accessioned.none.fl_str_mv	2023-09-30T23:43:48Z
dc.date.available.none.fl_str_mv	2023-09-30T23:43:48Z
dc.date.issued.none.fl_str_mv	2023-07-04
dc.type.none.fl_str_mv	Artículos Científicos
dc.type.coar.none.fl_str_mv	http://purl.org/coar/resource_type/c_2df8fbb1
dc.type.coarversion.none.fl_str_mv	http://purl.org/coar/version/c_970fb48d4fbd8a85
dc.type.driver.none.fl_str_mv	info:eu-repo/semantics/article
dc.type.redcol.none.fl_str_mv	http://purl.org/redcol/resource_type/ART
dc.type.version.none.fl_str_mv	info:eu-repo/semantics/publishedVersion
format	http://purl.org/coar/resource_type/c_2df8fbb1
status_str	publishedVersion
dc.identifier.issn.none.fl_str_mv	2169-3536
dc.identifier.uri.none.fl_str_mv	10.1109/ACCESS.2023.3292267 https://hdl.handle.net/20.500.12494/52795
dc.identifier.bibliographicCitation.none.fl_str_mv	G. -P. Fernando, A. -A. H. Brayan, A. M. Florina, C. -B. Liliana, A. -M. Héctor-Gabriel and T. -S. Reinel, "Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)," in IEEE Access, vol. 11, pp. 70542-70559, 2023, doi: 10.1109/ACCESS.2023.3292267.
identifier_str_mv	2169-3536 10.1109/ACCESS.2023.3292267 G. -P. Fernando, A. -A. H. Brayan, A. M. Florina, C. -B. Liliana, A. -M. Héctor-Gabriel and T. -S. Reinel, "Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)," in IEEE Access, vol. 11, pp. 70542-70559, 2023, doi: 10.1109/ACCESS.2023.3292267.
url	https://hdl.handle.net/20.500.12494/52795
dc.relation.isversionof.none.fl_str_mv	https://ieeexplore.ieee.org/document/10172186
dc.relation.ispartofjournal.none.fl_str_mv	IEEE Access
dc.relation.references.none.fl_str_mv	A. Mourad, H. Tout, O. A. Wahab, H. Otrok, and T. Dbouk, ‘‘Ad hoc vehicular fog enabling cooperative low-latency intrusion detection,’’ IEEE Internet Things J., vol. 8, no. 2, pp. 829–843, Jan. 2021, doi: 10.1109/JIOT.2020.3008488. IoT Analytics. (2022). IoT Analytics-Your Global IoT Market Research Partner. [Online]. Available: https://iot-analytics.com/ I. Butun, S. D. Morgera, and R. Sankar, ‘‘A survey of intrusion detection systems in wireless sensor networks,’’ IEEE Commun. Surveys Tuts., vol. 16, no. 1, pp. 266–282, 1st Quart., 2014, doi: 10.1109/SURV.2013.050113.00191. Z. A. Khan and P. Herrmann, ‘‘Recent advancements in intrusion detection systems for the Internet of Things,’’ Secur. Commun. Netw., vol. 2019, Jul. 2019, Art. no. 4301409. [Online]. Available: https://www.scopus.com A. Bilen and A. B. Özer, ‘‘Cyber-attack method and perpetrator prediction using machine learning algorithms,’’ PeerJ Comput. Sci., vol. 7, p. e475, Apr. 2021, doi: 10.7717/PEERJ-CS.475. J. Cho, ‘‘Efficient autonomous defense system using machine learning on edge device,’’ Comput., Mater. Continua, vol. 70, no. 2, pp. 3565–3588, 2022, doi: 10.32604/cmc.2022.020826. C. M. Sayan, ‘‘An intelligent security assistant for cyber security operations,’’ in Proc. IEEE 2nd Int.Workshops Found. Appl. Self* Syst. (FAS*W), Sep. 2017, pp. 375–376, doi: 10.1109/FAS-W.2017.179. A. S. Gowri and P. S. i. Bala, ‘‘An agent based resource provision for IoT through machine learning in fog computing,’’ in Proc. IEEE Int. Conf. Syst., Comput., Autom. Netw. (ICSCAN), Mar. 2019, pp. 1–5, doi: 10.1109/ICSCAN.2019.8878821. S. Pundir, M. Wazid, D. P. Singh, A. K. Das, J. J. P. C. Rodrigues, and Y. Park, ‘‘Intrusion detection protocols in wireless sensor networks integrated to Internet of Things deployment: Survey and future challenges,’’ IEEE Access, vol. 8, pp. 3343–3363, 2020, doi: 10.1109/ACCESS.2019.2962829. L. N. Tidjon, M. Frappier, and A. Mammar, ‘‘Intrusion detection systems: A cross-domain overview,’’ IEEE Commun. Surveys Tuts., vol. 21, no. 4, pp. 3639–3681, 4th Quart., 2019, doi: 10.1109/COMST.2019. 2922584. B. Sezari, D. P. F. Möller, and A. Deutschmann, ‘‘Anomaly-based network intrusion detection model using deep learning in airports,’’ in Proc. 17th IEEE Int. Conf. Trust, Secur. Privacy Comput. Communications/ 12th IEEE Int. Conf. Big Data Sci. Eng. (TrustCom/BigDataSE), Aug. 2018, pp. 1725–1729, doi: 10.1109/TrustCom/BigDataSE.2018. 00261. M. A. Ferrag, L. Shu, O. Friha, and X. Yang, ‘‘Cyber security intrusion detection for agriculture 4.0: Machine learning-based solutions, datasets, and future directions,’’ IEEE/CAA J. Autom. Sinica, vol. 9, no. 3, pp. 407–436, Mar. 2022, doi: 10.1109/JAS.2021.1004344. G. Liu, H. Zhao, F. Fan, G. Liu, Q. Xu, and S. Nazir, ‘‘An enhanced intrusion detection model based on improved KNN in WSNs,’’ Sensors, vol. 22, no. 4, p. 1407, Feb. 2022, doi: 10.3390/s22041407. O. Kompougias, D. Papadopoulos, E. Mantas, A. Litke, N. Papadakis, D. Paraschos, A. Kourtis, and G. Xylouris, ‘‘IoT botnet detection on flow data using autoencoders,’’ in Proc. IEEE Int. Medit. Conf. Commun. Netw. (MeditCom), Sep. 2021, pp. 506–511, doi: 10.1109/MeditCom49071.2021.9647639. M. Husamuddin and M. Qayyum, ‘‘Internet of Things: A study on security and privacy threats,’’ in Proc. 2nd Int. Conf. Anti-Cyber Crimes (ICACC), Mar. 2017, pp. 93–97, doi: 10.1109/Anti-Cybercrime.2017.7905270 B. B. Zarpelão, R. S Miani, C. T. Kawakani, and S. C. de Alvarenga, ‘‘A survey of intrusion detection in Internet of Things,’’ J. Netw. Comput. Appl., vol. 84, pp. 25–37, Apr. 2017, doi: 10.1016/j.jnca.2017. 02.009. C. Anita S. and S. Gupta, ‘‘An effective model for anomaly IDS to improve the efficiency,’’ in Proc. Int. Conf. Green Comput. Internet Things (ICGCIoT), Oct. 2015, pp. 190–194, doi: 10.1109/ICGCIoT.2015.7380455. N. Koroniotis, N. Moustafa, E. Sitnikova, and B. Turnbull, ‘‘Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset,’’ Future Gener. Comput. Syst., vol. 100, pp. 779–796, Nov. 2019, doi: 10.1016/j.future.2019.05.041. [Online]. Available: https://www.sciencedirect. com/science/article/pii/S0167739X18327687 K. S. Kiran, R. K. Devisetty, N. P. Kalyan, K. Mukundini, and R. Karthi, ‘‘Building a intrusion detection system for IoT environment using machine learning techniques,’’ Proc. Comput. Sci., vol. 171, pp. 2372–2379, Jan. 2020, doi: 10.1016/j.procs.2020.04.257. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S1877050920312497 O. Almomani, M. A. Almaiah, A. Alsaaidah, S. Smadi, A. H. Mohammad, and A. Althunibat, ‘‘Machine learning classifiers for network intrusion detection system: Comparative study,’’ in Proc. Int. Conf. Inf. Technol. (ICIT), Jul. 2021, pp. 440–445, doi: 10.1109/ICIT52682.2021. 9491770. A. Sirisha, K. Chaitanya, K. V. S. S. R. Krishna, and S. S. Kanumalli, ‘‘Intrusion detection models using supervised and unsupervised algorithms—A comparative estimation,’’ Int. J. Saf. Secur. Eng., vol. 11, no. 1, pp. 51–58, Feb. 2021, doi: 10.18280/ijsse.110106. Z. K. Maseer, R. Yusof, N. Bahaman, S. A. Mostafa, and C. F. M. Foozy, ‘‘Benchmarking of machine learning for anomaly based intrusion detection systems in the CICIDS2017 dataset,’’ IEEE Access, vol. 9, pp. 22351–22370, 2021, doi: 10.1109/ACCESS.2021. 3056614. H. Ao, ‘‘Using machine learning models to detect different intrusion on NSL-KDD,’’ in Proc. IEEE Int. Conf. Comput. Sci., Artif. Intell. Electron. Eng. (CSAIEE), Aug. 2021, pp. 166–177, doi: 10.1109/CSAIEE54046.2021.9543241. M. Shafiq, Z. Tian, Y. Sun, X. Du, and M. Guizani, ‘‘Selection of effective machine learning algorithm and Bot- IoT attacks traffic identification for Internet of Things in smart city,’’ Future Gener. Comput. Syst., vol. 107, pp. 433–442, Jun. 2020, doi: /10.1016/j.future.2020.02.017. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S0167739X19334880 F. Anwar and S. Saravanan, ‘‘Comparison of artificial intelligence algorithms for IoT botnet detection on apache spark platform,’’ Proc. Comput. Sci., vol. 215, pp. 499–508, Jan. 2022, doi: 10.1016/j.procs.2022.12.052. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S1877050922021238 H. Lawrence, U. Ezeobi, O. Tauil, J. Nosal, O. Redwood, Y. Zhuang, and G. Bloom, ‘‘CUPID: A labeled dataset with pentesting for evaluation of network intrusion detection,’’ J. Syst. Archit., vol. 129, Aug. 2022, Art. no. 102621, doi: 10.1016/j.sysarc.2022.102621. [Online]. Available: https ://www.sciencedirect.com/science/article/pii/S1383762122001515 T. Gaber, A. El-Ghamry, and A. E. Hassanien, ‘‘Injection attack detection using machine learning for smart IoT applications,’’ Phys. Commun., vol. 52, p. 101685, Jun. 2022, doi: 10.1016/j.phycom.2022.101685. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S1874490722000490 G. Rohini, C. G. Kousalya, and J. Bino, ‘‘Intrusion detection system with an ensemble learning and feature selection framework for IoT networks,’’ IETE J. Res., pp. 1–17, Aug. 2022, doi: 10.1080/03772063.2022.2098187 M. S. Islam, I. Hussain, M. M. Rahman, S. J. Park, and M. A. Hossain, ‘‘Explainable artificial intelligence model for stroke prediction using EEG signal,’’ Sensors, vol. 22, no. 24, p. 9859, Dec. 2022, doi: 10.3390/s22249859. I. Hussain and S. J. Park, ‘‘Big-ECG: Cardiographic predictive cyber-physical system for stroke management,’’ IEEE Access, vol. 9, pp. 123146–123164, 2021, doi: 10.1109/ACCESS.2021.3109806. I. Hussain and S. J. Park, ‘‘HealthSOS: Real-time health monitoring system for stroke prognostics,’’ IEEE Access, vol. 8, pp. 213574–213586, 2020, doi: 10.1109/ACCESS.2020.3040437. T. Janarthanan and S. Zargari, ‘‘Feature selection in UNSW-NB15 and KDDCUP’99 datasets,’’ in Proc. IEEE 26th Int. Symp. Ind. Electron. (ISIE), Jun. 2017, pp. 1881–1886, doi: 10.1109/ISIE.2017.8001537. C. Beazley, K. Gadiya, R. K. U. Rakesh, D. Roden, B. Ye, B. Abraham, D. E. Brown, and M. Veeraraghavan, ‘‘Exploratory data analysis of a unified host and network dataset,’’ in Proc. Syst. Inf. Eng. Design Symp. (SIEDS), Apr. 2019, pp. 1–5, doi: 10.1109/SIEDS.2019.8735640. D. K. Bhattacharyya and J. K. Kalita. (2013). Network Anomaly Detection: A Machine Learning Perspective. [Online]. Available: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85053983816 &partnerID=40&md5=d08c13eb685e592ea4d6bac426f6b1f0 S. Q. A. Shah, F. Z. Khan, and M. Ahmad, ‘‘The impact and mitigation of ICMP based economic denial of sustainability attack in cloud computing environment using software defined network,’’ Comput. Netw., vol. 187, Mar. 2021, Art. no. 107825, doi: 10.1016/j.comnet.2021.107825. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S138912862100013X P. Kumari and A. K. Jain, ‘‘A comprehensive study of DDoS attacks over IoT network and their countermeasures,’’ Comput. Secur., vol. 127, Apr. 2023, Art. no. 103096, doi: 10.1016/j.cose.2023.103096. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S0167404823000068 A. Gupta and L. S. Sharma, ‘‘Detecting attacks in high-speed networks: Issues and solutions,’’ Inf. Secur. J., A Global Perspective, vol. 29, no. 2, pp. 51–61, Mar. 2020, doi: 10.1080/19393555.2020.1722296. S. Hijazi, M. S. Obaidat, and S. Obaidat, ‘‘Address resolution protocol spoofing attacks and security approaches:Asurvey,’’ Secur. Privacy, vol. 6, no. 3, 2018, doi: 10.1002/spy2.49. M. A. A. Ghamdi, ‘‘An optimized and secure energy-efficient blockchainbased framework in IoT,’’ IEEE Access, vol. 10, pp. 133682–133697, 2022, 10.1109/ACCESS.2022.3230985. S. B.Wankhede, ‘‘Study of network-based DoS attacks,’’ in Nanoelectronics, Circuits and Communication Systems, V. Nath and J. K. Mandal, Eds. Singapore: Springer, 2019 S. Saito, K. Maruhashi, M. Takenaka, and S. Torii, ‘‘TOPASE: Detection and prevention of brute force attacks with disciplined IPs from IDS logs,’’ J. Inf. Process., vol. 24, no. 2, pp. 217–226, 2016, doi: 10.2197/ipsjjip.24.217 N. Naik and P. Jenkins, ‘‘Discovering hackers by stealth: Predicting fingerprinting attacks on honeypot systems,’’ in Proc. IEEE Int. Syst. Eng. Symp. (ISSE), Oct. 2018, pp. 1–8, doi: 10.1109/SysEng.2018. 8544408. A. Sahi, D. Lai, Y. Li, and M. Diykh, ‘‘An efficient DDoS TCP flood attack detection and prevention system in a cloud environment,’’ IEEE Access, vol. 5, pp. 6036–6048, 2017, doi: 10.1109/ACCESS.2017.2688460. R. Gangula, V. M. Mohan, and R. Kumar, ‘‘A comprehence study of DDoS attack detecting algorithm using GRU-BWFA classifier,’’ Meas., Sensors, vol. 24, Dec. 2022, Art. no. 100570, doi: 10.1016/j.measen.2022.100570. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S2665917422002045 M. Catillo, A. Pecchia, and U. Villano, ‘‘No more DoS? An empirical study on defense techniques for web server denial of service mitigation,’’ J. Network Comput. Appl., vol. 202, 2022, Art. no. 103363, doi: /10.1016/j.jnca.2022.103363. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S1084804522000303 S. A. Abdullah, ‘‘SEUI-64, bits an IPv6 addressing strategy to mitigate reconnaissance attacks,’’ Eng. Sci. Technol., Int. J., vol. 22, no. 2, pp. 667–672, Apr. 2019, doi: 10.1016/j.jestch.2018.11.012. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S2215098618312977 W. Chang, Y. Liu, Y. Xiao, X. Xu, S. Zhou, X. Lu, and Y. Cheng, ‘‘Probability analysis of hypertension-related symptoms based on XGBoost and clustering algorithm,’’ Appl. Sci., vol. 9, no. 6, p. 1215, 2019, doi: 10.3390/app9061215. [Online]. Available: https://www.mdpi.com/2076- 3417/9/6/1215 A. Géron, Hands-On Machine Learning With Scikit-Learn, Keras, and TensorFlow, 2nd ed. Sebastopol, CA, USA: O’Reilly Media, 2019. A. Abbas, M. A. Khan, S. Latif, M. Ajaz, A. A. Shah, and J. Ahmad, ‘‘Anewensemble-based intrusion detection system for Internet of Things,’’ Arabian J. Sci. Eng., vol. 47, no. 2, pp. 1805–1819, Feb. 2022, doi: 10.1007/s13369-021-06086-5. L. Liu, P.Wang, J. Lin, and L. Liu, ‘‘Intrusion detection of imbalanced network traffic based on machine learning and deep learning,’’ IEEE Access, vol. 9, pp. 7550–7563, 2021, doi: 10.1109/ACCESS.2020.3048198. F. Rustam, M. Khalid, W. Aslam, V. Rupapara, A. Mehmood, and G. S. Choi, ‘‘A performance comparison of supervised machine learning models for covid-19 tweets sentiment analysis,’’ PLoS One, vol. 16, no. 2, Feb. 2021, Art. no. e0245909, doi: 10.1371/journal.pone.0245909. A. Thakkar and R. Lohiya, ‘‘Attack classification using feature selection techniques: A comparative study,’’ J. Ambient Intell. Humanized Comput., vol. 12, no. 1, pp. 1249–1266, Jan. 2021, doi: 10.1007/S12652-020- 02167-9. [Online]. Available: https://bbibliograficas.ucc.edu.co:2201/ article/10.1007/s12652-020-02167-9 M. C. Belavagi and B. Muniyal, ‘‘Multi class machine learning algorithms for intrusion detection—A performance study,’’ Commun. Comput. Inf. Sci., vol. 746, pp. 170–178, Nov. 2017, doi: 10.1007/978-981-10-6898-0_14. S. Bose, A. Pal, R. SahaRay, and J. Nayak, ‘‘Generalized quadratic discriminant analysis,’’ Pattern Recognit., vol. 48, no. 8, pp. 2676–2684, Aug. 2015, doi: 10.1016/j.patcog.2015.02.016. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S003132031500076X J. Ma, Y. Ding, J. C. P. Cheng, Y. Tan, V. J. L. Gan, and J. Zhang, ‘‘Analyzing the leading causes of traffic fatalities using XGBoost and grid-based analysis: A city management perspective,’’ IEEE Access, vol. 7, pp. 148059–148072, 2019, doi: 10.1109/ACCESS.2019. 2946401. F. Pedregosa, G. Varoquaux, A. Gramfort, V. Michel, B. Thirion, O. Grisel, M. Blondel, A. Müller, J. Nothman, G. Louppe, P. Prettenhofer, R. Weiss, V. Dubourg, J. Vanderplas, A. Passos, D. Cournapeau, M. Brucher, M. Perrot, and E. Duchesnay, ‘‘Scikit-learn: Machine learning in Python,’’ J. Mach. Learn. Res., vol. 12, pp. 2825–2830, Oct. 2012. L. Buitinck, G. Louppe, M. Blondel, F. Pedregosa, A. Mueller, O. Grisel, V. Niculae, P. Prettenhofer, A. Gramfort, J. Grobler, R. Layton, J. VanderPlas, A. Joly, B. Holt, and G. Varoquaux, ‘‘API design for machine learning software: Experiences from the scikit-learn project,’’ in Proc. ECML PKDD Workshop, Lang. Data Mining Mach. Learn., 2013, pp. 108–122 H. M and S. M. N, ‘‘A review on evaluation metrics for data classification evaluations,’’ Int. J. Data Mining Knowl. Manage. Process, vol. 5, no. 2, pp. 01–11, Mar. 2015, doi: 10.5121/ijdkp.2015.5201. H. B Arteaga-Arteaga, A. Mora-Rubio, F. Florez, N. Murcia-Orjuela, C. E. Diaz-Ortega, S. Orozco-Arias, M. Delapava, M. A. Bravo-Ortíz, M. Robinson, P. Guillen-Rondon, and R. Tabares-Soto, ‘‘Machine learning applications to predict two-phase flow patterns,’’ PeerJ Comput. Sci., vol. 7, p. e798, Nov. 2021. D. M. W. Powers, ‘‘Evaluation: From precision, recall andF-measure to ROC, informedness, markedness and correlation,’’ 2020, arXiv:2010.16061. B. Bengfort and R. Bilbro, ‘‘Yellowbrick: Visualizing the scikit-learn model selection process,’’ J. Open Source Softw., vol. 4, no. 35, p. 1075, Mar. 2019, doi: 10.21105/joss.01075. [Online]. Available: https://joss.theoj.org/papers/10.21105/joss.01075 S. M. Lundberg and S.-I. Lee, ‘‘A unified approach to interpreting model predictions,’’ in Advances in Neural Information Processing Systems, vol. 30, I. Guyon, U. V. Luxburg, S. Bengio, H. Wallach, R. Fergus, S. Vishwanathan, and R. Garnett, Eds. Red Hook, NY, USA: Curran Associates, 2017. [Online]. Available: https://proceedings.neurips.cc/paper_files/paper/2017/file/ 8a20a8621978632d76c43dfd28b67767-Paper.pdf M. Verkerken, L. D’hooge, T. Wauters, B. Volckaert, and F. De Turck, ‘‘Towards model generalization for intrusion detection: Unsupervised machine learning techniques,’’ J. Netw. Syst. Manage., vol. 30, no. 1, Jan. 2022, doi: 10.1007/s10922-021-09615-7.
dc.rights.accessrights.none.fl_str_mv	info:eu-repo/semantics/closedAccess
dc.rights.coar.none.fl_str_mv	http://purl.org/coar/access_right/c_14cb
eu_rights_str_mv	closedAccess
rights_invalid_str_mv	http://purl.org/coar/access_right/c_14cb
dc.format.extent.none.fl_str_mv	70542-70559
dc.coverage.temporal.none.fl_str_mv	11
dc.publisher.none.fl_str_mv	Universidad Cooperativa de Colombia, Facultad de Ingenierías, Ingeniería de sistemas, Ibagué
dc.publisher.program.none.fl_str_mv	Ingeniería de Sistemas
dc.publisher.place.none.fl_str_mv	Ibagué
publisher.none.fl_str_mv	Universidad Cooperativa de Colombia, Facultad de Ingenierías, Ingeniería de sistemas, Ibagué
institution	Universidad Cooperativa de Colombia
bitstream.url.fl_str_mv	https://repository.ucc.edu.co/bitstreams/40b549e4-f2fa-46f3-8d2e-30d41628a484/download https://repository.ucc.edu.co/bitstreams/d91c0616-f165-4492-924f-1f8f0efc39ed/download https://repository.ucc.edu.co/bitstreams/7ced1610-0ada-495d-a419-e5567e6f4c5f/download https://repository.ucc.edu.co/bitstreams/153211ff-1b92-4a33-b179-daf2cb0fe362/download https://repository.ucc.edu.co/bitstreams/bff6805a-a892-4593-9286-e208c60c015a/download https://repository.ucc.edu.co/bitstreams/ed96ddb8-ac94-41a5-bc0d-1449357e29a5/download
bitstream.checksum.fl_str_mv	3bce4f7ab09dfc588f126e1e36e98a45 4d3d0d65fedb192379a75b5f836d701a 579c1ed651a0918f001af3c014f12f20 505cfd34503c5f076b702a273e435618 0dfaf00846bde7e1428526d6a7ff18c3 a52b06def014eec361a59fd7d2044ab3
bitstream.checksumAlgorithm.fl_str_mv	MD5 MD5 MD5 MD5 MD5 MD5
repository.name.fl_str_mv	Repositorio Institucional Universidad Cooperativa de Colombia
repository.mail.fl_str_mv	bdigital@metabiblioteca.com
_version_	1811565440344784896
spelling	Gutierrez Portela, FernandoArteaga Arteaga, Harold BrayanAlmenares Mendoza, FlorinaCalderon Benavides , LilianaAcosta Mesa, Hector GabrielTabares Soto, Reinel112023-09-30T23:43:48Z2023-09-30T23:43:48Z2023-07-042169-353610.1109/ACCESS.2023.3292267https://hdl.handle.net/20.500.12494/52795G. -P. Fernando, A. -A. H. Brayan, A. M. Florina, C. -B. Liliana, A. -M. Héctor-Gabriel and T. -S. Reinel, "Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)," in IEEE Access, vol. 11, pp. 70542-70559, 2023, doi: 10.1109/ACCESS.2023.3292267.Uno de los campos en los que la Inteligencia Artificial (IA) debe seguir innovando es la seguridad informática. La integración de las Redes Inalámbricas de Sensores (WSN) con el Internet de las Cosas (IoT) crea ecosistemas de superficies atractivas para las intrusiones de seguridad, siendo vulnerables a ataques múltiples y simultáneos. Esta investigación evalúa el rendimiento de técnicas ML supervisadas para la detección de intrusiones basadas en capturas de tráfico de red. Este trabajo presenta un nuevo conjunto de datos equilibrado (IDSAI) con intrusiones generadas en entornos de ataque en un escenario real. Este nuevo conjunto de datos se ha proporcionado con el fin de contrastar la generalización del modelo a partir de diferentes conjuntos de datos. Los resultados muestran que para la detección de intrusos, los mejores algoritmos supervisados son XGBoost, Gradient Boosting, Decision Tree, Random Forest, y Extra Trees, que pueden generar predicciones cuando se entrenan y predicen con diez intrusiones específicas (como ARP spoofing, ICMP echo request Flood, TCP Null, y otras), tanto de forma binaria (intrusión y no intrusión) con hasta un 94% de precisión, como de forma multiclase (diez intrusiones diferentes y no intrusión) con hasta un 92% de precisión. Por el contrario, se alcanza hasta un 90% de precisión para la predicción en el conjunto de datos Bot-IoT utilizando modelos entrenados con el conjunto de datos IDSAI.One of the fields where Artificial Intelligence (AI) must continue to innovate is computer security. The integration of Wireless Sensor Networks (WSN) with the Internet of Things (IoT) creates ecosystems of attractive surfaces for security intrusions, being vulnerable to multiple and simultaneous attacks. This research evaluates the performance of supervised ML techniques for detecting intrusions based on network traffic captures. This work presents a new balanced dataset (IDSAI) with intrusions generated in attack environments in a real scenario. This new dataset has been provided in order to contrast model generalization from different datasets. The results show that for the detection of intruders, the best supervised algorithms are XGBoost, Gradient Boosting, Decision Tree, Random Forest, and Extra Trees, which can generate predictions when trained and predicted with ten specific intrusions (such as ARP spoofing, ICMP echo request Flood, TCP Null, and others), both of binary form (intrusion and non-intrusion) with up to 94% of accuracy, as multiclass form (ten different intrusions and non-intrusion) with up to 92% of accuracy. In contrast, up to 90% of accuracy is achieved for prediction on the Bot-IoT dataset using models trained with the IDSAI dataset.https://scienti.minciencias.gov.co/cvlac/visualizador/generarCurriculoCv.do?cod_rh=0000476030https://orcid.org/0000-0003-3722-3809AQUAfernando.gutierrez@campusucc.edu.cohttps://scholar.google.com/citations?hl=es&user=9gw2ob4AAAAJhttps://scholar.google.com/citations?hl=es&user=oaXMbzYAAAAJhttps://scholar.google.com/citations?hl=es&user=XihGBWoAAAAJhttps://scholar.google.com/citations?hl=es&user=LmynKr0AAAAJ70542-70559Universidad Cooperativa de Colombia, Facultad de Ingenierías, Ingeniería de sistemas, IbaguéIngeniería de SistemasIbaguéhttps://ieeexplore.ieee.org/document/10172186IEEE AccessA. Mourad, H. Tout, O. A. Wahab, H. Otrok, and T. Dbouk, ‘‘Ad hoc vehicular fog enabling cooperative low-latency intrusion detection,’’ IEEE Internet Things J., vol. 8, no. 2, pp. 829–843, Jan. 2021, doi: 10.1109/JIOT.2020.3008488.IoT Analytics. (2022). IoT Analytics-Your Global IoT Market Research Partner. [Online]. Available: https://iot-analytics.com/I. Butun, S. D. Morgera, and R. Sankar, ‘‘A survey of intrusion detection systems in wireless sensor networks,’’ IEEE Commun. Surveys Tuts., vol. 16, no. 1, pp. 266–282, 1st Quart., 2014, doi: 10.1109/SURV.2013.050113.00191.Z. A. Khan and P. Herrmann, ‘‘Recent advancements in intrusion detection systems for the Internet of Things,’’ Secur. Commun. Netw., vol. 2019, Jul. 2019, Art. no. 4301409. [Online]. Available: https://www.scopus.comA. Bilen and A. B. Özer, ‘‘Cyber-attack method and perpetrator prediction using machine learning algorithms,’’ PeerJ Comput. Sci., vol. 7, p. e475, Apr. 2021, doi: 10.7717/PEERJ-CS.475.J. Cho, ‘‘Efficient autonomous defense system using machine learning on edge device,’’ Comput., Mater. Continua, vol. 70, no. 2, pp. 3565–3588, 2022, doi: 10.32604/cmc.2022.020826.C. M. Sayan, ‘‘An intelligent security assistant for cyber security operations,’’ in Proc. IEEE 2nd Int.Workshops Found. Appl. Self* Syst. (FAS*W), Sep. 2017, pp. 375–376, doi: 10.1109/FAS-W.2017.179.A. S. Gowri and P. S. i. Bala, ‘‘An agent based resource provision for IoT through machine learning in fog computing,’’ in Proc. IEEE Int. Conf. Syst., Comput., Autom. Netw. (ICSCAN), Mar. 2019, pp. 1–5, doi: 10.1109/ICSCAN.2019.8878821.S. Pundir, M. Wazid, D. P. Singh, A. K. Das, J. J. P. C. Rodrigues, and Y. Park, ‘‘Intrusion detection protocols in wireless sensor networks integrated to Internet of Things deployment: Survey and future challenges,’’ IEEE Access, vol. 8, pp. 3343–3363, 2020, doi: 10.1109/ACCESS.2019.2962829.L. N. Tidjon, M. Frappier, and A. Mammar, ‘‘Intrusion detection systems: A cross-domain overview,’’ IEEE Commun. Surveys Tuts., vol. 21, no. 4, pp. 3639–3681, 4th Quart., 2019, doi: 10.1109/COMST.2019. 2922584.B. Sezari, D. P. F. Möller, and A. Deutschmann, ‘‘Anomaly-based network intrusion detection model using deep learning in airports,’’ in Proc. 17th IEEE Int. Conf. Trust, Secur. Privacy Comput. Communications/ 12th IEEE Int. Conf. Big Data Sci. Eng. (TrustCom/BigDataSE), Aug. 2018, pp. 1725–1729, doi: 10.1109/TrustCom/BigDataSE.2018. 00261.M. A. Ferrag, L. Shu, O. Friha, and X. Yang, ‘‘Cyber security intrusion detection for agriculture 4.0: Machine learning-based solutions, datasets, and future directions,’’ IEEE/CAA J. Autom. Sinica, vol. 9, no. 3, pp. 407–436, Mar. 2022, doi: 10.1109/JAS.2021.1004344.G. Liu, H. Zhao, F. Fan, G. Liu, Q. Xu, and S. Nazir, ‘‘An enhanced intrusion detection model based on improved KNN in WSNs,’’ Sensors, vol. 22, no. 4, p. 1407, Feb. 2022, doi: 10.3390/s22041407.O. Kompougias, D. Papadopoulos, E. Mantas, A. Litke, N. Papadakis, D. Paraschos, A. Kourtis, and G. Xylouris, ‘‘IoT botnet detection on flow data using autoencoders,’’ in Proc. IEEE Int. Medit. Conf. Commun. Netw. (MeditCom), Sep. 2021, pp. 506–511, doi: 10.1109/MeditCom49071.2021.9647639.M. Husamuddin and M. Qayyum, ‘‘Internet of Things: A study on security and privacy threats,’’ in Proc. 2nd Int. Conf. Anti-Cyber Crimes (ICACC), Mar. 2017, pp. 93–97, doi: 10.1109/Anti-Cybercrime.2017.7905270B. B. Zarpelão, R. S Miani, C. T. Kawakani, and S. C. de Alvarenga, ‘‘A survey of intrusion detection in Internet of Things,’’ J. Netw. Comput. Appl., vol. 84, pp. 25–37, Apr. 2017, doi: 10.1016/j.jnca.2017. 02.009.C. Anita S. and S. Gupta, ‘‘An effective model for anomaly IDS to improve the efficiency,’’ in Proc. Int. Conf. Green Comput. Internet Things (ICGCIoT), Oct. 2015, pp. 190–194, doi: 10.1109/ICGCIoT.2015.7380455.N. Koroniotis, N. Moustafa, E. Sitnikova, and B. Turnbull, ‘‘Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset,’’ Future Gener. Comput. Syst., vol. 100, pp. 779–796, Nov. 2019, doi: 10.1016/j.future.2019.05.041. [Online]. Available: https://www.sciencedirect. com/science/article/pii/S0167739X18327687K. S. Kiran, R. K. Devisetty, N. P. Kalyan, K. Mukundini, and R. Karthi, ‘‘Building a intrusion detection system for IoT environment using machine learning techniques,’’ Proc. Comput. Sci., vol. 171, pp. 2372–2379, Jan. 2020, doi: 10.1016/j.procs.2020.04.257. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S1877050920312497O. Almomani, M. A. Almaiah, A. Alsaaidah, S. Smadi, A. H. Mohammad, and A. Althunibat, ‘‘Machine learning classifiers for network intrusion detection system: Comparative study,’’ in Proc. Int. Conf. Inf. Technol. (ICIT), Jul. 2021, pp. 440–445, doi: 10.1109/ICIT52682.2021. 9491770.A. Sirisha, K. Chaitanya, K. V. S. S. R. Krishna, and S. S. Kanumalli, ‘‘Intrusion detection models using supervised and unsupervised algorithms—A comparative estimation,’’ Int. J. Saf. Secur. Eng., vol. 11, no. 1, pp. 51–58, Feb. 2021, doi: 10.18280/ijsse.110106.Z. K. Maseer, R. Yusof, N. Bahaman, S. A. Mostafa, and C. F. M. Foozy, ‘‘Benchmarking of machine learning for anomaly based intrusion detection systems in the CICIDS2017 dataset,’’ IEEE Access, vol. 9, pp. 22351–22370, 2021, doi: 10.1109/ACCESS.2021. 3056614.H. Ao, ‘‘Using machine learning models to detect different intrusion on NSL-KDD,’’ in Proc. IEEE Int. Conf. Comput. Sci., Artif. Intell. Electron. Eng. (CSAIEE), Aug. 2021, pp. 166–177, doi: 10.1109/CSAIEE54046.2021.9543241.M. Shafiq, Z. Tian, Y. Sun, X. Du, and M. Guizani, ‘‘Selection of effective machine learning algorithm and Bot- IoT attacks traffic identification for Internet of Things in smart city,’’ Future Gener. Comput. Syst., vol. 107, pp. 433–442, Jun. 2020, doi: /10.1016/j.future.2020.02.017. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S0167739X19334880F. Anwar and S. Saravanan, ‘‘Comparison of artificial intelligence algorithms for IoT botnet detection on apache spark platform,’’ Proc. Comput. Sci., vol. 215, pp. 499–508, Jan. 2022, doi: 10.1016/j.procs.2022.12.052. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S1877050922021238H. Lawrence, U. Ezeobi, O. Tauil, J. Nosal, O. Redwood, Y. Zhuang, and G. Bloom, ‘‘CUPID: A labeled dataset with pentesting for evaluation of network intrusion detection,’’ J. Syst. Archit., vol. 129, Aug. 2022, Art. no. 102621, doi: 10.1016/j.sysarc.2022.102621. [Online]. Available: https ://www.sciencedirect.com/science/article/pii/S1383762122001515T. Gaber, A. El-Ghamry, and A. E. Hassanien, ‘‘Injection attack detection using machine learning for smart IoT applications,’’ Phys. Commun., vol. 52, p. 101685, Jun. 2022, doi: 10.1016/j.phycom.2022.101685. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S1874490722000490G. Rohini, C. G. Kousalya, and J. Bino, ‘‘Intrusion detection system with an ensemble learning and feature selection framework for IoT networks,’’ IETE J. Res., pp. 1–17, Aug. 2022, doi: 10.1080/03772063.2022.2098187M. S. Islam, I. Hussain, M. M. Rahman, S. J. Park, and M. A. Hossain, ‘‘Explainable artificial intelligence model for stroke prediction using EEG signal,’’ Sensors, vol. 22, no. 24, p. 9859, Dec. 2022, doi: 10.3390/s22249859.I. Hussain and S. J. Park, ‘‘Big-ECG: Cardiographic predictive cyber-physical system for stroke management,’’ IEEE Access, vol. 9, pp. 123146–123164, 2021, doi: 10.1109/ACCESS.2021.3109806.I. Hussain and S. J. Park, ‘‘HealthSOS: Real-time health monitoring system for stroke prognostics,’’ IEEE Access, vol. 8, pp. 213574–213586, 2020, doi: 10.1109/ACCESS.2020.3040437.T. Janarthanan and S. Zargari, ‘‘Feature selection in UNSW-NB15 and KDDCUP’99 datasets,’’ in Proc. IEEE 26th Int. Symp. Ind. Electron. (ISIE), Jun. 2017, pp. 1881–1886, doi: 10.1109/ISIE.2017.8001537.C. Beazley, K. Gadiya, R. K. U. Rakesh, D. Roden, B. Ye, B. Abraham, D. E. Brown, and M. Veeraraghavan, ‘‘Exploratory data analysis of a unified host and network dataset,’’ in Proc. Syst. Inf. Eng. Design Symp. (SIEDS), Apr. 2019, pp. 1–5, doi: 10.1109/SIEDS.2019.8735640.D. K. Bhattacharyya and J. K. Kalita. (2013). Network Anomaly Detection: A Machine Learning Perspective. [Online]. Available: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85053983816 &partnerID=40&md5=d08c13eb685e592ea4d6bac426f6b1f0S. Q. A. Shah, F. Z. Khan, and M. Ahmad, ‘‘The impact and mitigation of ICMP based economic denial of sustainability attack in cloud computing environment using software defined network,’’ Comput. Netw., vol. 187, Mar. 2021, Art. no. 107825, doi: 10.1016/j.comnet.2021.107825. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S138912862100013XP. Kumari and A. K. Jain, ‘‘A comprehensive study of DDoS attacks over IoT network and their countermeasures,’’ Comput. Secur., vol. 127, Apr. 2023, Art. no. 103096, doi: 10.1016/j.cose.2023.103096. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S0167404823000068A. Gupta and L. S. Sharma, ‘‘Detecting attacks in high-speed networks: Issues and solutions,’’ Inf. Secur. J., A Global Perspective, vol. 29, no. 2, pp. 51–61, Mar. 2020, doi: 10.1080/19393555.2020.1722296.S. Hijazi, M. S. Obaidat, and S. Obaidat, ‘‘Address resolution protocol spoofing attacks and security approaches:Asurvey,’’ Secur. Privacy, vol. 6, no. 3, 2018, doi: 10.1002/spy2.49.M. A. A. Ghamdi, ‘‘An optimized and secure energy-efficient blockchainbased framework in IoT,’’ IEEE Access, vol. 10, pp. 133682–133697, 2022, 10.1109/ACCESS.2022.3230985.S. B.Wankhede, ‘‘Study of network-based DoS attacks,’’ in Nanoelectronics, Circuits and Communication Systems, V. Nath and J. K. Mandal, Eds. Singapore: Springer, 2019S. Saito, K. Maruhashi, M. Takenaka, and S. Torii, ‘‘TOPASE: Detection and prevention of brute force attacks with disciplined IPs from IDS logs,’’ J. Inf. Process., vol. 24, no. 2, pp. 217–226, 2016, doi: 10.2197/ipsjjip.24.217N. Naik and P. Jenkins, ‘‘Discovering hackers by stealth: Predicting fingerprinting attacks on honeypot systems,’’ in Proc. IEEE Int. Syst. Eng. Symp. (ISSE), Oct. 2018, pp. 1–8, doi: 10.1109/SysEng.2018. 8544408.A. Sahi, D. Lai, Y. Li, and M. Diykh, ‘‘An efficient DDoS TCP flood attack detection and prevention system in a cloud environment,’’ IEEE Access, vol. 5, pp. 6036–6048, 2017, doi: 10.1109/ACCESS.2017.2688460.R. Gangula, V. M. Mohan, and R. Kumar, ‘‘A comprehence study of DDoS attack detecting algorithm using GRU-BWFA classifier,’’ Meas., Sensors, vol. 24, Dec. 2022, Art. no. 100570, doi: 10.1016/j.measen.2022.100570. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S2665917422002045M. Catillo, A. Pecchia, and U. Villano, ‘‘No more DoS? An empirical study on defense techniques for web server denial of service mitigation,’’ J. Network Comput. Appl., vol. 202, 2022, Art. no. 103363, doi: /10.1016/j.jnca.2022.103363. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S1084804522000303S. A. Abdullah, ‘‘SEUI-64, bits an IPv6 addressing strategy to mitigate reconnaissance attacks,’’ Eng. Sci. Technol., Int. J., vol. 22, no. 2, pp. 667–672, Apr. 2019, doi: 10.1016/j.jestch.2018.11.012. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S2215098618312977W. Chang, Y. Liu, Y. Xiao, X. Xu, S. Zhou, X. Lu, and Y. Cheng, ‘‘Probability analysis of hypertension-related symptoms based on XGBoost and clustering algorithm,’’ Appl. Sci., vol. 9, no. 6, p. 1215, 2019, doi: 10.3390/app9061215. [Online]. Available: https://www.mdpi.com/2076- 3417/9/6/1215A. Géron, Hands-On Machine Learning With Scikit-Learn, Keras, and TensorFlow, 2nd ed. Sebastopol, CA, USA: O’Reilly Media, 2019.A. Abbas, M. A. Khan, S. Latif, M. Ajaz, A. A. Shah, and J. Ahmad, ‘‘Anewensemble-based intrusion detection system for Internet of Things,’’ Arabian J. Sci. Eng., vol. 47, no. 2, pp. 1805–1819, Feb. 2022, doi: 10.1007/s13369-021-06086-5.L. Liu, P.Wang, J. Lin, and L. Liu, ‘‘Intrusion detection of imbalanced network traffic based on machine learning and deep learning,’’ IEEE Access, vol. 9, pp. 7550–7563, 2021, doi: 10.1109/ACCESS.2020.3048198.F. Rustam, M. Khalid, W. Aslam, V. Rupapara, A. Mehmood, and G. S. Choi, ‘‘A performance comparison of supervised machine learning models for covid-19 tweets sentiment analysis,’’ PLoS One, vol. 16, no. 2, Feb. 2021, Art. no. e0245909, doi: 10.1371/journal.pone.0245909.A. Thakkar and R. Lohiya, ‘‘Attack classification using feature selection techniques: A comparative study,’’ J. Ambient Intell. Humanized Comput., vol. 12, no. 1, pp. 1249–1266, Jan. 2021, doi: 10.1007/S12652-020- 02167-9. [Online]. Available: https://bbibliograficas.ucc.edu.co:2201/ article/10.1007/s12652-020-02167-9M. C. Belavagi and B. Muniyal, ‘‘Multi class machine learning algorithms for intrusion detection—A performance study,’’ Commun. Comput. Inf. Sci., vol. 746, pp. 170–178, Nov. 2017, doi: 10.1007/978-981-10-6898-0_14.S. Bose, A. Pal, R. SahaRay, and J. Nayak, ‘‘Generalized quadratic discriminant analysis,’’ Pattern Recognit., vol. 48, no. 8, pp. 2676–2684, Aug. 2015, doi: 10.1016/j.patcog.2015.02.016. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S003132031500076XJ. Ma, Y. Ding, J. C. P. Cheng, Y. Tan, V. J. L. Gan, and J. Zhang, ‘‘Analyzing the leading causes of traffic fatalities using XGBoost and grid-based analysis: A city management perspective,’’ IEEE Access, vol. 7, pp. 148059–148072, 2019, doi: 10.1109/ACCESS.2019. 2946401.F. Pedregosa, G. Varoquaux, A. Gramfort, V. Michel, B. Thirion, O. Grisel, M. Blondel, A. Müller, J. Nothman, G. Louppe, P. Prettenhofer, R. Weiss, V. Dubourg, J. Vanderplas, A. Passos, D. Cournapeau, M. Brucher, M. Perrot, and E. Duchesnay, ‘‘Scikit-learn: Machine learning in Python,’’ J. Mach. Learn. Res., vol. 12, pp. 2825–2830, Oct. 2012.L. Buitinck, G. Louppe, M. Blondel, F. Pedregosa, A. Mueller, O. Grisel, V. Niculae, P. Prettenhofer, A. Gramfort, J. Grobler, R. Layton, J. VanderPlas, A. Joly, B. Holt, and G. Varoquaux, ‘‘API design for machine learning software: Experiences from the scikit-learn project,’’ in Proc. ECML PKDD Workshop, Lang. Data Mining Mach. Learn., 2013, pp. 108–122H. M and S. M. N, ‘‘A review on evaluation metrics for data classification evaluations,’’ Int. J. Data Mining Knowl. Manage. Process, vol. 5, no. 2, pp. 01–11, Mar. 2015, doi: 10.5121/ijdkp.2015.5201.H. B Arteaga-Arteaga, A. Mora-Rubio, F. Florez, N. Murcia-Orjuela, C. E. Diaz-Ortega, S. Orozco-Arias, M. Delapava, M. A. Bravo-Ortíz, M. Robinson, P. Guillen-Rondon, and R. Tabares-Soto, ‘‘Machine learning applications to predict two-phase flow patterns,’’ PeerJ Comput. Sci., vol. 7, p. e798, Nov. 2021.D. M. W. Powers, ‘‘Evaluation: From precision, recall andF-measure to ROC, informedness, markedness and correlation,’’ 2020, arXiv:2010.16061.B. Bengfort and R. Bilbro, ‘‘Yellowbrick: Visualizing the scikit-learn model selection process,’’ J. Open Source Softw., vol. 4, no. 35, p. 1075, Mar. 2019, doi: 10.21105/joss.01075. [Online]. Available: https://joss.theoj.org/papers/10.21105/joss.01075S. M. Lundberg and S.-I. Lee, ‘‘A unified approach to interpreting model predictions,’’ in Advances in Neural Information Processing Systems, vol. 30, I. Guyon, U. V. Luxburg, S. Bengio, H. Wallach, R. Fergus, S. Vishwanathan, and R. Garnett, Eds. Red Hook, NY, USA: Curran Associates, 2017. [Online]. Available: https://proceedings.neurips.cc/paper_files/paper/2017/file/ 8a20a8621978632d76c43dfd28b67767-Paper.pdfM. Verkerken, L. D’hooge, T. Wauters, B. Volckaert, and F. De Turck, ‘‘Towards model generalization for intrusion detection: Unsupervised machine learning techniques,’’ J. Netw. Syst. Manage., vol. 30, no. 1, Jan. 2022, doi: 10.1007/s10922-021-09615-7.Deep learningInternet de las cosasSistema de detección de intrusosAprendizaje automáticoRed de sensores inalámbricos.Deep learningInternet of thingsIntrusion detection systemMachine learningWireless sensor networkEnhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)Artículos Científicoshttp://purl.org/coar/resource_type/c_2df8fbb1http://purl.org/coar/version/c_970fb48d4fbd8a85info:eu-repo/semantics/articlehttp://purl.org/redcol/resource_type/ARTinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/closedAccesshttp://purl.org/coar/access_right/c_14cbPublicationLICENSElicense.txtlicense.txttext/plain; charset=utf-84334https://repository.ucc.edu.co/bitstreams/40b549e4-f2fa-46f3-8d2e-30d41628a484/download3bce4f7ab09dfc588f126e1e36e98a45MD51ORIGINALLicencia ART EnhancingInt.docxLicencia ART EnhancingInt.docxapplication/vnd.openxmlformats-officedocument.wordprocessingml.document30646https://repository.ucc.edu.co/bitstreams/d91c0616-f165-4492-924f-1f8f0efc39ed/download4d3d0d65fedb192379a75b5f836d701aMD52Articulo_IEEE_EnhancingIntrusion.pdfArticulo_IEEE_EnhancingIntrusion.pdfapplication/pdf3636765https://repository.ucc.edu.co/bitstreams/7ced1610-0ada-495d-a419-e5567e6f4c5f/download579c1ed651a0918f001af3c014f12f20MD53TEXTLicencia ART EnhancingInt.docx.txtLicencia ART EnhancingInt.docx.txtExtracted texttext/plain6240https://repository.ucc.edu.co/bitstreams/153211ff-1b92-4a33-b179-daf2cb0fe362/download505cfd34503c5f076b702a273e435618MD54Articulo_IEEE_EnhancingIntrusion.pdf.txtArticulo_IEEE_EnhancingIntrusion.pdf.txtExtracted texttext/plain82779https://repository.ucc.edu.co/bitstreams/bff6805a-a892-4593-9286-e208c60c015a/download0dfaf00846bde7e1428526d6a7ff18c3MD55THUMBNAILArticulo_IEEE_EnhancingIntrusion.pdf.jpgArticulo_IEEE_EnhancingIntrusion.pdf.jpgGenerated Thumbnailimage/jpeg15923https://repository.ucc.edu.co/bitstreams/ed96ddb8-ac94-41a5-bc0d-1449357e29a5/downloada52b06def014eec361a59fd7d2044ab3MD5620.500.12494/52795oai:repository.ucc.edu.co:20.500.12494/527952024-08-20 16:24:07.94open.accesshttps://repository.ucc.edu.coRepositorio Institucional Universidad Cooperativa de Colombiabdigital@metabiblioteca.comVU5JVkVSU0lEQUQgQ09PUEVSQVRJVkEgREUgQ09MT01CSUEKUkVQT1NJVE9SSU9TIElOU1RJVFVDSU9OQUxFUwpMSUNFTkNJQSBERSBVU08KClBvciBtZWRpbyBkZWwgcHJlc2VudGUgZG9jdW1lbnRvLCBlbCBBdXRvcihlcyksIG1heW9yIChlcykgZGUgZWRhZCwgcXVpZW4gZW4gYWRlbGFudGUgc2UgZGVub21pbmFyw6EgZWwgQVVUT1IsIGNvbmZpZXJlIGEgbGEgVU5JVkVSU0lEQUQgQ09PUEVSQVRJVkEgREUgQ09MT01CSUEsIGNvbiBOSVQuIDg2MC0wMjk5MjQtNywgdW5hIExJQ0VOQ0lBIERFIFVTTyBkZSBvYnJhLCBiYWpvIGxhcyBzaWd1aWVudGVzIGNvbmRpY2lvbmVzLgoKQ0zDgVVTVUxBUwoKUFJJTUVSQS4gT2JqZXRvLiBFTCBBVVRPUiBwb3IgZXN0ZSBhY3RvIGF1dG9yaXphIGxhIHV0aWxpemFjacOzbiBkZSBsYSBvYnJhLCBkZSBjb25mb3JtaWRhZCBjb24gbG8gZXN0aXB1bGFkbyBhIGNvbnRpbnVhY2nDs246IAoKKGEpIFBhcmEgZWZlY3RvcyBkZSBsYSBwcmVzZW50ZSBsaWNlbmNpYSBzZSBhdXRvcml6YSBsYSByZXByb2R1Y2Npw7NuIGRlIGxhIG9icmEgYW50ZXJpb3JtZW50ZSBjaXRhZGEsIGxhIGN1YWwgc2UgYWxvamFyw6EgZW4gZm9ybWF0byBkaWdpdGFsIGVuIGxhcyBwbGF0YWZvcm1hcyBvIHJlcG9zaXRvcmlvcyBhZG1pbmlzdHJhZG9zIHBvciBsYSBVTklWRVJTSURBRCBvIGVuIG90cm8gdGlwbyBkZSByZXBvc2l0b3Jpb3MgZXh0ZXJub3MgbyBww6FnaW5hcyB3ZWIgZXNjb2dpZG9zIHBvciBsYSBVTklWRVJTSURBRCwgcGFyYSBmaW5lcyBkZSBkaWZ1c2nDs24geSBkaXZ1bGdhY2nDs24uIEFkaWNpb25hbG1lbnRlLCBzZSBhdXRvcml6YSBhIHF1ZSBsb3MgdXN1YXJpb3MgaW50ZXJub3MgeSBleHRlcm5vcyBkZSBkaWNoYXMgcGxhdGFmb3JtYXMgbyByZXBvc2l0b3Jpb3MgcmVwcm9kdXpjYW4gbyBkZXNjYXJndWVuIGxhIG9icmEsIHNpbiDDoW5pbW8gZGUgbHVjcm8sIHBhcmEgZmluZXMgcHJpdmFkb3MsIGVkdWNhdGl2b3MgbyBhY2Fkw6ltaWNvczsgc2llbXByZSB5IGN1YW5kbyBubyBzZSB2aW9sZW4gYWN1ZXJkb3MgY29uIGVkaXRvcmVzLCBwZXJpb2RvcyBkZSBlbWJhcmdvIG8gYWN1ZXJkb3MgZGUgY29uZmlkZW5jaWFsaWRhZCBxdWUgYXBsaXF1ZW4uCgooYikgU2UgYXV0b3JpemEgbGEgY29tdW5pY2FjacOzbiBww7pibGljYSB5IGxhIHB1ZXN0YSBhIGRpc3Bvc2ljacOzbiBkZSBsYSBvYnJhIG1lbmNpb25hZGEsIGVuIGFjY2VzbyBhYmllcnRvLCBwYXJhIHN1IHV0aWxpemFjacOzbiBlbiBsYXMgcGxhdGFmb3JtYXMgbyByZXBvc2l0b3Jpb3MgYWRtaW5pc3RyYWRvcyBwb3IgbGEgVU5JVkVSU0lEQUQuCgooYykgTG8gYW50ZXJpb3IgZXN0YXLDoSBzdWpldG8gYSBsYXMgZGVmaW5pY2lvbmVzIGNvbnRlbmlkYXMgZW4gbGEgRGVjaXNpw7NuIEFuZGluYSAzNTEgZGUgMTk5MyB5IGxhIExleSAyMyBkZSAxOTgyLgoKClNFR1VOREEuIE9yaWdpbmFsaWRhZCB5IHJlY2xhbWFjaW9uZXMuIEVsIEFVVE9SIGRlY2xhcmEgcXVlIGxhIE9CUkEgZXMgb3JpZ2luYWwgeSBxdWUgZXMgZGUgc3UgY3JlYWNpw7NuIGV4Y2x1c2l2YSwgbm8gZXhpc3RpZW5kbyBpbXBlZGltZW50byBkZSBjdWFscXVpZXIgbmF0dXJhbGV6YSAoZW1iYXJnb3MsIHVzbyBkZSBtYXRlcmlhbCBwcm90ZWdpZG8gcG9yIGRlcmVjaG9zIGRlIGF1dG9yKSBwYXJhIGxhIGNvbmNlc2nDs24gZGUgbG9zIGRlcmVjaG9zIHByZXZpc3RvcyBlbiBlc3RlIGFjdWVyZG8uIEVsIEFVVE9SIHJlc3BvbmRlcsOhIHBvciBjdWFscXVpZXIgYWNjacOzbiBkZSByZWl2aW5kaWNhY2nDs24sIHBsYWdpbyB1IG90cmEgY2xhc2UgZGUgcmVjbGFtYWNpw7NuIHF1ZSBhbCByZXNwZWN0byBwdWRpZXJhIHNvYnJldmVuaXIuCgpURVJDRVJBLiBDb250cmFwcmVzdGFjacOzbi4gRWwgQVVUT1IgYXV0b3JpemEgYSBxdWUgc3Ugb2JyYSBzZWEgdXRpbGl6YWRhIGRlIGNvbmZvcm1pZGFkIGNvbiBsYSBjbMOhdXN1bGEgUFJJTUVSQSBkZSBmb3JtYSBncmF0dWl0YSwgZXMgZGVjaXIsIHF1ZSBsYSB1dGlsaXphY2nDs24gZGUgbGEgbWlzbWEgbm8gZ2VuZXJhIG5pbmfDum4gcGFnbyBvIHJlZ2Fsw61hcyBlbiBmYXZvciBkZSBlc3RlLgoKQ1VBUlRBLiBUaXR1bGFyaWRhZCBkZSBkZXJlY2hvcy4gRWwgcHJlc2VudGUgY29udHJhdG8gbm8gdHJhbnNmaWVyZSBsYSB0aXR1bGFyaWRhZCBkZSBsb3MgZGVyZWNob3MgcGF0cmltb25pYWxlcyBzb2JyZSBsYXMgb2JyYXMgYW50ZXJpb3JtZW50ZSBtZW5jaW9uYWRhcyBhIGxhIFVOSVZFUlNJREFELiDDmm5pY2FtZW50ZSBoYWNlIHJlbGFjacOzbiBhIHVuYSBsaWNlbmNpYSBubyBleGNsdXNpdmEgZW4gbG9zIHTDqXJtaW5vcyB5IGNvbmRpY2lvbmVzIGFudGVyaW9ybWVudGUgcGFjdGFkb3MuCgpRVUlOVEEuIENyw6lkaXRvcy4gTGEgVU5JVkVSU0lEQUQgc2UgY29tcHJvbWV0ZSBhIGRhciBhbCBBVVRPUiwgZWwgcmVjb25vY2ltaWVudG8gZGVudHJvIGNhZGEgZm9ybWEgZGUgdXRpbGl6YWNpw7NuIGVuIGxhIG9icmEuIExvcyBjcsOpZGl0b3MgZGViZW4gZmlndXJhciBlbiBjYWRhIHVubyBkZSBsb3MgZm9ybWF0b3MgbyByZWdpc3Ryb3MgZGUgcHVibGljYWNpw7NuLiBObyBjb25zdGl0dWlyw6EgdW5hIHZpb2xhY2nDs24gYSBsb3MgZGVyZWNob3MgbW9yYWxlcyBkZWwgYXV0b3IgbGEgbm8gcmVwcm9kdWNjacOzbiwgY29tdW5pY2FjacOzbiBvIGRlbcOhcyB1dGlsaXphY2lvbmVzIGRlIGxhIG9icmEuIExhIHV0aWxpemFjacOzbiBvIG5vIGRlIGxhIG9icmEsIGFzw60gY29tbyBzdSBmb3JtYSBkZSB1dGlsaXphY2nDs24gc2Vyw6EgZmFjdWx0YWQgZXhjbHVzaXZhIGRlIGxhIFVOSVZFUlNJREFELgogClNFWFRBLiBEdXJhY2nDs24geSB0ZXJyaXRvcmlvLiBMYSBwcmVzZW50ZSBsaWNlbmNpYSBkZSB1c28gcXVlIHNlIG90b3JnYSBhIGZhdm9yIGRlIGxhIFVOSVZFUlNJREFEIHRlbmRyw6EgdW5hIGR1cmFjacOzbiBlcXVpdmFsZW50ZSBhbCB0w6lybWlubyBkZSBwcm90ZWNjacOzbiBsZWdhbCBkZSBsYSBvYnJhIHkgcGFyYSB0b2RvcyBsb3MgcGHDrXNlcyBkZWwgbXVuZG8uCgpTw4lQVElNQS4gVXNvIGRlIENyZWF0aXZlIENvbW1vbnMuIEVsIEFVVE9SIGF1dG9yaXphcsOhIGxhIGRpZnVzacOzbiBkZSBzdSBjb250ZW5pZG8gYmFqbyB1bmEgbGljZW5jaWEgQ3JlYXRpdmUgQ29tbW9ucyBhdHJpYnVjacOzbiA0LjAgaW50ZXJuYWNpb25hbCwgcXVlIGRlYmVyw6EgaW5jbHVpcnNlIGVuIGVsIGNvbnRlbmlkby4gCgpPQ1RBVkEuIERlcmVjaG8gZGUgZXhjbHVzacOzbi4gQ2FkYSBhdXRvciBwdWVkZSBpbmRpY2FyIGVuIGVsIG1vbWVudG8gZGUgZGVww7NzaXRvIGRlbCBjb250ZW5pZG8gcXVlIGVsIHRleHRvIGNvbXBsZXRvIGRlIGxhIHByb2R1Y2Npw7NuIGFjYWTDqW1pY2EgbyBjaWVudMOtZmljYSBubyBlc3RlIGNvbiBhY2Nlc28gYWJpZXJ0byBlbiBlbCBSZXBvc2l0b3JpbyBJbnN0aXR1Y2lvbmFsIHBvciBtb3Rpdm9zIGRlIGNvbmZpZGVuY2lhbGlkYWQsIHBvcnF1ZSBzZSBlbmN1ZW50cmUgZW4gdsOtYXMgZGUgb2J0ZW5lciB1biBkZXJlY2hvIGRlIHByb3BpZWRhZCBpbmR1c3RyaWFsIG8gZXhpc3RpciBhY3VlcmRvcyBwcmV2aW9zIGNvbiB0ZXJjZXJvcyAoZWRpdG9yaWFsZXMsIHJldmlzdGFzIGNpZW50w61maWNhcywgb3RyYXMgaW5zdGl0dWNpb25lcykuIEVsIGF1dG9yIHNlIGNvbXByb21ldGUgYSBkZXBvc2l0YXIgbG9zIG1ldGFkYXRvcyBlIGluZm9ybWFyIGVsIHRpZW1wbyBkZSBlbWJhcmdvIGR1cmFudGUgZWwgY3VhbCBlbCB0ZXh0byBjb21wbGV0byB0ZW5kcsOhIGFjY2VzbyByZXN0cmluZ2lkby4gCgpOT1ZFTkEuIEVsIEFVVE9SIGFsIGFjZXB0YXIgZXN0YSBsaWNlbmNpYSBhZHVjZSBxdWUgZXN0YSBwcm9kdWNjacOzbiBzZSBkZXNhcnJvbGzDsyBlbiBlbCBwZXJpb2RvIGVuIHF1ZSBzZSBlbmN1ZW50cmEgY29uIHbDrW5jdWxvcyBjb24gTGEgVW5pdmVyc2lkYWQuCgpEw4lDSU1BLiBOb3JtYXMgYXBsaWNhYmxlcy4gUGFyYSBsYSBpbnRlcnByZXRhY2nDs24geSBjdW1wbGltaWVudG8gZGVsIHByZXNlbnRlIGFjdWVyZG8gbGFzIHBhcnRlcyBzZSBzb21ldGVuIGEgbGEgRGVjaXNpw7NuIEFuZGluYSAzNTEgZGUgMTk5MywgbGEgTGV5IDIzIGRlIDE5ODIgeSBkZW3DoXMgbm9ybWFzIGFwbGljYWJsZXMgZGUgQ29sb21iaWEuIEFkZW3DoXMsIGEgbGFzIG5vcm1hcyBJbnN0aXR1Y2lvbmFsZXMgcXVlIGFwbGlxdWVuLgoKTGEgcHJlc2VudGUgbGljZW5jaWEgc2UgYXV0b3JpemEgZW4gbGEgZmVjaGEgZGUgcHVibGljYWNpw7NuIGVuIGxvcyByZXBvc2l0b3Jpb3MgaW5zdGl0dWNpb25hbGVzLgo=

Enhancing Intrusion Detection in IoT Communications Through ML Model Generalization With a New Dataset (IDSAI)

Publicaciones similares