IEEE Access (Jan 2024)
Securing the IoT Cyber Environment: Enhancing Intrusion Anomaly Detection With Vision Transformers
Abstract
The ever-expanding Internet of Things (IoT) landscape presents a double-edged sword. While it fosters interconnectedness, the vast amount of data generated by IoT devices creates a larger attack surface for cybercriminals. Intrusions in these environments can have severe consequences. To combat this growing threat, robust intrusion detection systems (IDS) are crucial. The data associated with these attacks is multivariate, highly complex, non-stationary, and nonlinear. Extracting the patterns in such data requires robust, optimized tools. Machine learning (ML) and deep learning (DL) have emerged as powerful tools for IDSs, offering high accuracy in detecting and preventing security breaches. This research delves into anomaly detection, a technique that identifies deviations from normal system behavior, potentially indicating attacks. Given the complexity of anomaly data, we explore methods to improve detection performance. This research investigates the design and evaluation of a novel IDS. We leverage and optimize supervised ML methods like tree-based Support Vector Machines (SVM), ensemble methods, and neural networks (NN) alongside the cutting-edge DL approaches of long short-term memory (LSTM) and vision transformers (ViT). We optimized the hyperparameters of these algorithms using a robust Bayesian optimization approach. The implemented ML models achieved impressive training accuracy, with Random Forest and Ensemble Bagged Tree surpassing 99.90% accuracy, an AUC of 1.00, an F1-score, and a balanced Matthews Correlation Coefficient (MCC) of 99.78%. While the initial deep learning LSTM model yielded an accuracy of 99.97%, the proposed ViT architecture significantly boosted performance with 100% on all metrics, along with a validation accuracy of 78.70% and perfect training accuracy. This study demonstrates the power of our new methods for detecting and stopping attacks on Internet of Things (IoT) networks.
This improved detection offers a three-pronged approach to security: increased system reliability through attack prevention, enhanced security by swiftly identifying and mitigating fraudulent activity, and optimized network performance by preventing malicious attacks. Consequently, these methods offer significant potential for fortifying the security of IoT networks.
Keywords