Preprint Article Version 1 Preserved in Portico This version is not peer-reviewed

Detecting Anomalies in IoT Devices: A Machine Learning-Based Solution

Version 1 : Received: 5 April 2024 / Approved: 8 April 2024 / Online: 8 April 2024 (05:04:39 CEST)

How to cite: Al Attar, R.; alkasassbeh, M.; Al-Dala’ien, M.; Alohaly, M. Detecting Anomalies in IoT Devices: A Machine Learning-Based Solution. Preprints 2024, 2024040499. https://doi.org/10.20944/preprints202404.0499.v1

Abstract

The growing shift toward Internet of Things (IoT)-based solutions expands the attack surface of systems by connecting an extensive network of heterogeneous devices and technologies. The heterogeneity of IoT devices and the scale of the network often make conventional security measures impractical. Therefore, recent research efforts have focused on machine learning (ML)-based device-agnostic IoT security solutions. However, most proposed solutions have focused solely on detecting malicious traffic in IoT networks. While this is important, further information about the attack is needed to provide a comprehensive defense before, during, and after the incident. To address this gap, we proposed an anomaly-based intrusion detection model that detects malicious traffic and identifies the attack category and subcategory with high accuracy, recall, precision, and F1-score. The proposed intrusion detection model is an ensemble model that integrates multiple ML models to produce more robust and reliable detections. For evaluation, we performed three sets of experiments: (1) a binary classification to detect malicious traffic; (2) a multi-class classification to detect the attack category; and (3) a multi-class classification to detect the attack subcategory. In the experiments, our model achieved an accuracy, recall, precision, and F1-score of 100% for the binary detection; a precision, recall, and F1-score of 99% and an accuracy of 100% for the multi-class category classification; and an accuracy, recall, precision, and F1-score of 88% for the multi-class subcategory classification. These results suggest that the proposed model can reliably detect anomalies in IoT devices.

Keywords

IoT; machine learning; security; ensemble; IDS; anomaly detection 

Subject

Computer Science and Mathematics, Computer Networks and Communications
