Machine learning-based detection of DDoS attacks on IoT devices in multi-energy systems

Hesham A. Sakr; Mostafa M. Fouda; Ahmed F. Ashour; Ahmed Abdelhafeez; Magda I. El-Afifi; Mohamed Refaat Abdellah

Egyptian Informatics Journal (Dec 2024)

Machine learning-based detection of DDoS attacks on IoT devices in multi-energy systems

Hesham A. Sakr,
Mostafa M. Fouda,
Ahmed F. Ashour,
Ahmed Abdelhafeez,
Magda I. El-Afifi,
Mohamed Refaat Abdellah

Affiliations

Hesham A. Sakr: Communications and Electronics Department-Nile Higher Institute for Engineering and Technology-Mansoura, Egypt; Faculty of Engineering Technology, Elsewedy University of Technology, Egypt; Corresponding author.
Mostafa M. Fouda: Department of Electrical and Computer Engineering, College of Science and Engineering, Idaho State University, Pocatello, ID, USA; Department of Electrical Engineering, Faculty of Engineering at Shoubra, Benha University, Cairo 11629, Egypt
Ahmed F. Ashour: Department of Electrical and Computer Engineering, College of Science and Engineering, Idaho State University, Pocatello, ID, USA; Department of Electronics and Communications Engineering, The American University in Cairo, AUC, New Cairo, Cairo 11835, Egypt
Ahmed Abdelhafeez: Faculty of Information Systems and Computer Science - October 6th University, Egypt
Magda I. El-Afifi: Communications and Electronics Department-Nile Higher Institute for Engineering and Technology-Mansoura, Egypt
Mohamed Refaat Abdellah: Faculty of Information Systems and Computer science-Misr University for Science and Technology, Egypt

Journal volume & issue: Vol. 28
p. 100540

Abstract

Read online

With the growing integration of IoT devices in critical infrastructure, cybersecurity threats such as Distributed Denial of Service (DDoS) attacks on Energy Hubs (EH) have become a significant concern. This study aims to address these challenges by evaluating the effectiveness of various supervised machine learning (ML) algorithms in predicting DDoS attacks targeting EH systems through IoT devices. Using the CICDDOS2019 and KDD-CUP datasets, a comprehensive analysis was conducted on several classifiers, including Decision Tree (DT), Gradient Boosting, Support Vector Machine (SVM), K-Nearest Neighbors (KNN), and Random Forest. The results highlight Gradient Boosting as the most effective model, particularly for the CICDDOS2019 dataset, demonstrating superior accuracy and predictive capability. Additionally, hybrid models combining Gradient Boosting with SVM or DT showed strong performance, though with varying precision and recall. This study provides valuable insights into the selection and tailoring of ML models for specific security challenges, emphasizing the need for ongoing research to enhance the resilience of EH systems and IoT devices against evolving DDoS threats.

Published in Egyptian Informatics Journal

ISSN: 1110-8665 (Print)
Publisher: Elsevier
Country of publisher: Netherlands
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: https://www.sciencedirect.com/journal/egyptian-informatics-journal

About the journal

Abstract

Keywords