Enhancing IoT device security: CNN-SVM hybrid approach for real-time detection of DoS and DDoS attacks

Al-Na’amneh Qais; Aljaidi Mohammad; Nasayreh Ahmad; Gharaibeh Hasan; Al Mamlook Rabia Emhamed; Jaradat Ameera S.; Alsarhan Ayoub; Samara Ghassan

doi:10.1515/jisys-2023-0150

Journal of Intelligent Systems (Nov 2024)

Enhancing IoT device security: CNN-SVM hybrid approach for real-time detection of DoS and DDoS attacks

Al-Na’amneh Qais,
Aljaidi Mohammad,
Nasayreh Ahmad,
Gharaibeh Hasan,
Al Mamlook Rabia Emhamed,
Jaradat Ameera S.,
Alsarhan Ayoub,
Samara Ghassan

Affiliations

Al-Na’amneh Qais: Department of Cyber Security and Cloud Computing, Faculty of Information Technology, Applied Science Private University, Amman, 11937, Jordan
Aljaidi Mohammad: Department of Computer Science, Faculty of Information Technology, Zarqa University, Zarqa, 13110, Jordan
Nasayreh Ahmad: Department of Computer Science, Information Technology and Computer Science, Yarmouk University, Irbid, 211633, Jordan
Gharaibeh Hasan: Department of Computer Science, Information Technology and Computer Science, Yarmouk University, Irbid, 211633, Jordan
Al Mamlook Rabia Emhamed: Department of Business Administration, Trine University, Indiana, P.O. Box 49008, USA
Jaradat Ameera S.: Department of Computer Science, Information Technology and Computer Science, Yarmouk University, Irbid, 211633, Jordan
Alsarhan Ayoub: Department of Information Technology, Faculty of Prince Al-Hussein Bin Abdallah II for Information Technology, The Hashemite University, Zarqa, 13116, Jordan
Samara Ghassan: Department of Computer Science, Faculty of Information Technology, Zarqa University, Zarqa, 13110, Jordan

DOI: https://doi.org/10.1515/jisys-2023-0150
Journal volume & issue: Vol. 33, no. 1
pp. 989 – 95

Abstract

Read online

The Internet of Things (IoT) has expanded into a realm of cutting-edge integrated solutions across numerous applications, following three stages of development: communication, authentication, and computing. However, each layer inside the three tier IoT architecture faces a spectrum of security concerns due to the IoT’s openness, scope, and resource limits. Therefore, developing a secure IoT system is vital, shielding against attackers leveraging IoT devices to obtain network access and maintaining data security during transmission between these devices. Despite developments in Intrusion Detection Systems, identifying Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks in real-time remains a significant issue, especially in the environment of IoT devices, which are diverse and resource restricted. This study provides a Convolutional Neural Network-Support Vector Machine (CNN-SVM) hybrid technique, targeted at overcoming these limits by enhancing detection speed and accuracy, thus addressing this substantial gap in the area. This research offers a hybrid model that combines CNN for feature extraction with SVM as a classifier. This model employs a CNN to extract essential elements from the data and classifies attacks as either DDoS or benign. Our results highlight the potential performance of our model, which was trained on the real Canadian institute for cybersecurity (CIC) IoT dataset in 2023. Notably, our hybrid model outperformed classic machine learning (ML) alternatives such as CNN, SVM, K-nearest neighbors, Naïve Bayes, and Logistic Regression. During testing, our model attained a remarkable accuracy rate of 99% and an F1-score of 99%, outperforming the highest-performing SVM ML model with an accuracy of 98% and the other ML methods.

Published in Journal of Intelligent Systems

ISSN: 0334-1860 (Print); 2191-026X (Online)
Publisher: De Gruyter
Country of publisher: Poland
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: https://www.degruyter.com/view/journals/jisys/jisys-overview.xml

About the journal

Abstract

Keywords