IEEE Access (Jan 2024)
Dynamic Attack Detection in IoT Networks: An Ensemble Learning Approach With Q-Learning and Explainable AI
Abstract
Due to the exponential increase in work-from-home adoption, Internet of Things (IoT) networks are under constant threat of attack from internal and external adversaries. Intrusion detection (ID) has therefore become a vital component in the design of interconnected networks. Existing ID models for IoT either work on static attacks or incorporate high-complexity models for the detection of dynamic network attacks. Moreover, most of these models are unable to scale under hybrid attack scenarios. To address these problems, this work proposes an effective ensemble learning-based attack detection system for the classification of dynamic attacks. Initially, the suggested methodology uses network logs to gather several data samples for various breaches. These samples are represented as multidomain feature sets including Gabor, entropy, wavelet, frequency, and correlation components, among others. A moth flame optimizer (MFO) is used to select among the extracted components and helps identify feature variance sets with high interclass variances. The selected features are categorized into different attack classes via an ensemble of k-nearest neighbors (kNN), support vector machine (SVM), logistic regression (LR), Naïve Bayes (NB), and multilayer perceptron (MLP) algorithms. The results obtained from these classifiers are further tuned via a Q-learning-based dynamic attack identification process. This process identifies micro-attack signatures via explainable artificial intelligence (XAI) to re-train the feature extraction and selection layer, thereby assisting in the classification of hybrid dynamic attacks. The XAI layer is built using a combination of XceptionNet and transfer learning, which assists in continuous enhancements in attack mitigation even during dynamic attacks.
With these procedures, the suggested model improves attack classification accuracy by 8.5%, precision by 4.9%, and recall by 6.4%, while reducing complexity by 5.9% when compared with existing attack categorization techniques.
Keywords