Volume 10 Issue 1
RBM-CNN: A Combined Deep Learning Model for Intrusion Detection in IoT Networks
Olufunke
Abstract
New devices join millions of existing ones in the Internet of Things (IoT) network. Associated threats/attacks/intrusions to network data and IoT devices themselves need to be identified and mitigating actions taken in a timely manner to secure data and protect the network. Network intrusions continually evolve due to the creation of new attacks and this has presented an ever-changing challenge. One of the ways to overcome this is the deployment of Intrusion Detection Systems (IDS). While IDS have been found to be effective in this regard, some studies have shown that there is a drop in IDS performance when datasets larger than the one with which they are trained are encountered. An anomaly-based IDS is proposed to overcome this challenge. The proposed IDS leverages two deep learning (DL) techniques – the Restricted Boltzmann Machine (RBM) and the one-dimensional Convolutional Neural Network (1D-CNN). Proposed model performances were evaluated using the NSL-KDD benchmark dataset (148k+ data points) and the much larger CSE CIC-IDS2018 dataset (11M+ data points). With the unbalanced NSL-KDD dataset, it was observed that the model was better suited for dealing with DOS attacks only. To improve performance, the balanced NSL-KDD dataset was used and it was observed that the model performed better for all metrics. The model was thereafter evaluated using the balanced CSE-CIC-IDS2018 dataset with the model performing very well overall with the exception of accuracy which experienced some reduction (from 0.9585 to 0.8564). While reduced accuracy is not preferred, precision and recall values improved from 0.8451 to 0.8689 and from 0.7423 to 0.8564 respectively. This is crucial in anomaly/intrusion detection with high precision indicating a low rate of false positives and high recall indicating the model is effectively capturing most of the anomalies. Thus, the proposed model will be very useful in IoT applications with its ever-expanding dataset.
Keywords
Full Text
Download
References