Abstract: The fourth industrial revolution is marked by the rapid growth of Internet of Things (IoT) technology, leading to an increase in the number of IoT devices. Unfortunately, this also makes these devices more susceptible to cyber threats, especially DoS/DDoS attacks. While supervised learning models have been adopted to detect and mitigate these threats, they have limitations in detecting unknown attacks that can cause severe consequences. This research aims to address those limitations and provide better protection for IoT networks against DoS/DDoS attacks. We propose a new approach that combines a soft-ordering convolutional neural network (SOCNN) model with local outlier factor (LOF) and isolation-based anomaly detection using nearest-neighbor ensembles (iNNE) models that use both supervised and unsupervised learning methods. We evaluated our approach on three benchmark datasets with varying unknown attack scenarios, and our hybrid model achieved high accuracy in detecting unknown attacks with an average F1-score of 98.94%, 91.68%, and 96.07%, respectively, on BoT-IoT, CIC-IDS-2017, and CIC-IDS-2018 datasets, outperforming state-of-the-art competitors. Our model also showed resilience against adversarial attacks such as the fast gradient sign method (FGSM) and Carlini Wagner (CW) adversarial attacks, highlighting the potential of our approach to enhance IoT network security against DoS/DDoS attacks in unknown attack scenarios.
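The gap the abstract describes, a supervised classifier that can only answer with a class it was trained on, and the way an LOF outlier gate closes it, shown as an added example that is not the paper's code or model. Assumptions: a nearest-centroid classifier stands in for SOCNN, the gate-before-classifier arrangement and the 1.5 threshold are illustrative choices, iNNE is not shown, and all flow features are constructed.

```python
import math

def knn(x, train, k, skip=None):
    """k nearest (distance, index) pairs of x among train, optionally skipping one index."""
    return sorted((math.dist(x, q), j) for j, q in enumerate(train) if j != skip)[:k]

class LOF:
    """Local outlier factor in novelty mode: fit on known traffic, score unseen flows."""
    def __init__(self, train, k=3):
        self.train, self.k = train, k
        nbrs = [knn(p, train, k, skip=i) for i, p in enumerate(train)]
        self.kdist = [n[-1][0] for n in nbrs]     # distance to the k-th neighbour
        self.lrd = [self._lrd(n) for n in nbrs]   # local reachability density

    def _lrd(self, nbrs):
        reach = [max(d, self.kdist[j]) for d, j in nbrs]
        return len(reach) / max(sum(reach), 1e-12)

    def score(self, x):
        """About 1 inside a known cluster, much larger for isolated flows."""
        nbrs = knn(x, self.train, self.k)
        return sum(self.lrd[j] for _, j in nbrs) / (len(nbrs) * self._lrd(nbrs))

def centroid(rows):
    return tuple(sum(col) / len(col) for col in zip(*rows))

def supervised_only(x, centroids):
    """Closed-set stand-in for the supervised model: always answers with a known class."""
    return min(centroids, key=lambda label: math.dist(x, centroids[label]))

def hybrid(x, lof, centroids, threshold=1.5):
    """Outlier gate first; the classifier only labels flows that look like training data."""
    return "unknown" if lof.score(x) > threshold else supervised_only(x, centroids)

# Constructed, normalised flow features: (packet rate, mean packet size).
BENIGN = [(0.10, 0.50), (0.12, 0.52), (0.08, 0.48), (0.11, 0.47), (0.09, 0.53), (0.13, 0.49)]
SYN_FLOOD = [(0.90, 0.10), (0.92, 0.12), (0.88, 0.08), (0.91, 0.07), (0.89, 0.13), (0.93, 0.09)]
CENTROIDS = {"benign": centroid(BENIGN), "syn_flood": centroid(SYN_FLOOD)}
DETECTOR = LOF(BENIGN + SYN_FLOOD)
UNSEEN_ATTACK = (0.50, 0.95)   # constructed flow far from both training clusters

if __name__ == "__main__":
    for flow in [(0.10, 0.51), (0.90, 0.09), UNSEEN_ATTACK]:
        print(flow, supervised_only(flow, CENTROIDS), hybrid(flow, DETECTOR, CENTROIDS),
              round(DETECTOR.score(flow), 2))
```

The classifier alone labels the unseen flow as benign because that centroid happens to be nearer; the LOF score for the same flow is an order of magnitude above the in-cluster scores, so the gate reports it as unknown instead.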