Version 1: Received: 5 April 2024 / Approved: 8 April 2024 / Online: 8 April 2024 (05:04:39 CEST)
How to cite:
Al Attar, R.; alkasassbeh, M.; Al-Dala’ien, M.; Alohaly, M. Detecting Anomalies in IoT Devices: A Machine Learning-Based Solution. Preprints 2024, 2024040499. https://doi.org/10.20944/preprints202404.0499.v1
APA Style
Al Attar, R., alkasassbeh, M., Al-Dala’ien, M., & Alohaly, M. (2024). Detecting Anomalies in IoT Devices: A Machine Learning-Based Solution. Preprints. https://doi.org/10.20944/preprints202404.0499.v1
Chicago/Turabian Style
Al Attar, R., Mu’awya Al-Dala’ien and Manar Alohaly. 2024 "Detecting Anomalies in IoT Devices: A Machine Learning-Based Solution" Preprints. https://doi.org/10.20944/preprints202404.0499.v1
Abstract
The growing shift toward Internet of Things (IoT)-based solutions expands the attack surface of systems by connecting an extensive network of heterogeneous devices and technologies. The heterogeneity of IoT devices and the scale of the network often make conventional security measures impractical. Therefore, recent research efforts have focused on machine learning (ML)-based device-agnostic IoT security solutions. However, most proposed solutions have focused solely on detecting malicious traffic in IoT networks. While this is important, further information about the attack is needed to provide a comprehensive defense before, during, and after the incident. To address this gap, we proposed an anomaly-based intrusion detection model that detects malicious traffic and identifies the attack category and subcategory with high accuracy, recall, precision, and F1-score. The proposed intrusion detection model is an ensemble model that integrates multiple ML models to produce more robust and reliable detections. For evaluation, we performed three sets of experiments: (1) a binary classification to detect malicious traffic; (2) a multi-class classification to detect the attack category; and (3) a multi-class classification to detect the attack subcategory. In the experiments, our model achieved an accuracy, recall, precision, and F1-score of 100% for the binary detection; a precision, recall, and F1-score of 99% and an accuracy of 100% for the multi-class category classification; and an accuracy, recall, precision, and F1-score of 88% for the multi-class subcategory classification. These results suggest that the proposed model can reliably detect anomalies in IoT devices.
Computer Science and Mathematics, Computer Networks and Communications
Copyright:
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.