A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in IoT backbone networks

Haddad Pajouh, H, Javadian, R, Khayami, R, Dehghantanha, A and Choo, R 2016, 'A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in IoT backbone networks' , IEEE Transactions on Emerging Topics in Computing . (In Press)

[img]
Preview
PDF - Accepted Version
Download (978kB) | Preview

Abstract

With increasing reliance on Internet of Things (IoT) devices and services, the capability to detect intrusions and malicious activities within IoT networks is critical for resilience of the network infrastructure. In this paper, we present a novel model for intrusion detection based on two-layer dimension reduction and two-tier classification module, designed to detect malicious activities such as User to Root (U2R) and Remote to Local (R2L) attacks. The proposed model is using component analysis and linear discriminate analysis of dimension reduction module to spate the high dimensional dataset to a lower one with lesser features. We then apply a two-tier classification module utilizing Naïve Bayes and Certainty Factor version of K-Nearest Neighbor to identify suspicious behaviors. The experiment results using NSL-KDD dataset shows that our model outperforms previous models designed to detect U2R and R2L attacks.

Item Type: Article
Schools: Schools > School of Computing, Science and Engineering > Salford Innovation Research Centre (SIRC)
Journal or Publication Title: IEEE Transactions on Emerging Topics in Computing
Publisher: IEEE
ISSN: 2168-6750
Funders: EU FP7 Marie Curie
Depositing User: Dr. Ali Dehghantanha
Date Deposited: 12 Dec 2016 11:21
Last Modified: 09 Aug 2017 01:57
URI: http://usir.salford.ac.uk/id/eprint/40937

Actions (login required)

Edit record (repository staff only) Edit record (repository staff only)

Downloads

Downloads per month over past year