A Hybrid Model Based on Machine Learning and Principal Component Analysis for Attack Detection in the Internet of Things
Zahra Shahpar 1 (Department of Computer Engineering, Zabol Branch, Islamic Azad University, Zabol, Iran)
Mohammadreza Badragheh 2 (Department of Computer Engineering, Ferdows Branch, Islamic Azad University, Ferdows, Iran)
Keywords: Internet of Things, intrusion detection system, principal component analysis (PCA), machine learning
Abstract:
With the rapid expansion of the Internet of Things and the growing number of devices connected to the Internet, the security of Internet of Things systems has become a serious challenge. Because these devices are easy to reach and have existing security weaknesses, we are witnessing a variety of attacks and a growing number of intrusions into these systems. Intrusion detection systems are one of the effective tools for dealing with these threats. In this study, a hybrid model for intrusion detection in Internet of Things networks is presented that uses machine learning methods (logistic regression, support vector machine, nearest neighbor, random forest, decision tree, and multilayer neural network) along with principal component analysis (PCA) to reduce the dimensionality of the data. The proposed method was implemented and evaluated on the UNSW-NB15 dataset. Based on the results obtained, the logistic regression model with a single-class accuracy of 97.84% and a multi-class accuracy of 89.81%, the support vector machine model with a single-class accuracy of 97.85% and a multi-class accuracy of 89.89%, the nearest neighbor model with a single-class accuracy of 98.31% and a multi-class accuracy of 88.55%, the decision tree model with a single-class accuracy of 98.11% and a multi-class accuracy of 85.45%, and the multilayer neural network model with a single-class accuracy of 98.39% and a multi-class accuracy of 89.94% were able to identify different types of attacks. In particular, the results indicate that the random forest model, with a single-class accuracy of 98.63% and a multi-class accuracy of 89.06%, has the best performance among the models. Also, the false positive rate was reduced to about 4% and the processing time was less than 1 millisecond. Comparison of the proposed method with other methods showed that the proposed method, with an accuracy of 84%, provides a significant improvement in accuracy, efficiency, and speed. Overall, the proposed model can be used as an effective and reliable method for detecting attacks in IoT networks, especially in resource-constrained environments.