Protocol-Based Deep Intrusion Detection for DoS and DDoS Attacks Using UNSW-NB15 and Bot-IoT Data-Sets

Muhammad Zeeshan; Qaiser Riaz; Muhammad Ahmad Bilal; Muhammad K. Shahzad; Hajira Jabeen; Syed Ali Haider; Azizur Rahim

doi:10.1109/ACCESS.2021.3137201

IEEE Access (Jan 2022)

Protocol-Based Deep Intrusion Detection for DoS and DDoS Attacks Using UNSW-NB15 and Bot-IoT Data-Sets

Muhammad Zeeshan,
Qaiser Riaz,
Muhammad Ahmad Bilal,
Muhammad K. Shahzad,
Hajira Jabeen,
Syed Ali Haider,
Azizur Rahim

Affiliations

Muhammad Zeeshan: ORCiD; Department of Computing, School of Electrical Engineering and Computer Science, National University of Sciences and Technology, Islamabad, Pakistan
Qaiser Riaz: ORCiD; Department of Computing, School of Electrical Engineering and Computer Science, National University of Sciences and Technology, Islamabad, Pakistan
Muhammad Ahmad Bilal: ORCiD; Department of Computing, School of Electrical Engineering and Computer Science, National University of Sciences and Technology, Islamabad, Pakistan
Muhammad K. Shahzad: Department of Computing, School of Electrical Engineering and Computer Science, National University of Sciences and Technology, Islamabad, Pakistan
Hajira Jabeen: CEPLAS—Cluster of Excellence on Plant Sciences, University of Cologne, Albertus-Magnus-Platz, Köln, Germany
Syed Ali Haider: ORCiD; Department of Computer and Information Sciences, State University of New York at Fredonia, Fredonia, NY, USA
Azizur Rahim: Department of Computing, School of Electrical Engineering and Computer Science, National University of Sciences and Technology, Islamabad, Pakistan

DOI: https://doi.org/10.1109/ACCESS.2021.3137201
Journal volume & issue: Vol. 10
pp. 2269 – 2283

Abstract

Read online

Since its inception, the Internet of Things (IoT) has witnessed mushroom growth as a breakthrough technology. In a nutshell, IoT is the integration of devices and data such that processes are automated and centralized to a certain extent. IoT is revolutionizing the way business is done and is transforming society as a whole. As this technology advances further, the need to exploit detection and weakness awareness increases to prevent unauthorized access to critical resources and business functions, thereby rendering the system unavailable. Denial of Service (DoS) and Distributed DoS attacks are all too common. In this paper, we propose a Protocol Based Deep Intrusion Detection (PB-DID) architecture, in which we created a data-set of packets from IoT traffic by comparing features from the UNSWNB15 and Bot-IoT data-sets based on flow and Transmission Control Protocol (TCP). We classify non-anomalous, DoS, and DDoS traffic uniquely by taking care of the problems like imbalanced and over-fitting. We have achieved a classification accuracy of 96.3% by using deep learning (DL) technique.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords