Application of Traditional Machine Learning Models to Detect Abnormal Traffic in the Internet of Things Networks

  • Conference paper
Computational Collective Intelligence (ICCCI 2021)

Abstract

Choosing machine learning models for detecting anomalies in Internet of Things (IoT) network traffic is a relevant problem because a large number of security events must be analyzed to identify abnormal behavior of smart devices. The aim of the research was to investigate machine learning models for detecting anomalies in IoT network traffic. A comparative analysis of machine learning models was carried out, and recommendations for their use in detecting anomalies in IoT network traffic were provided. Naive Bayes, Support Vector Machine, Logistic Regression, K-nearest neighbors, Boosting and Random Forest were considered as the basic machine learning models. Anomaly detection efficiency was measured by accuracy, precision, recall and F score, as well as by the time spent on training the model. The study found that preparing traditional machine learning models takes little time, since it does not require additional resources or computing power. The machine learning models built during the experiment demonstrated high accuracy in detecting anomalies in the large heterogeneous traffic typical of the Internet of Things. The distinctive features of the research were that the experiment was conducted on a single software and hardware platform using the same data set, and that the time spent on training the model was taken into account in addition to the accuracy, precision, recall and F score of anomaly detection. The practical significance is that the results obtained can be used to build systems for detecting network anomalies in the Internet of Things.
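The evaluation protocol the abstract describes (every model trained on the same data set on the same machine, then scored on accuracy, precision, recall, F score and training time) can be sketched as follows. This is an added example, not code from the paper: the flow data is constructed, only two of the six model families are implemented (in pure Python), and the names `make_flows`, `GaussianNB`, `KNN`, `metrics` and `compare` are hypothetical.

```python
import math, random, time
from statistics import fmean, mode, pvariance

def make_flows(n, seed):
    """Constructed sample: two numeric flow features; every 4th flow is anomalous (label 1)."""
    rng = random.Random(seed)
    y = [int(i % 4 == 0) for i in range(n)]
    return [[rng.gauss(8.0 * t, 1.0), rng.gauss(8.0 * t, 1.0)] for t in y], y

class GaussianNB:
    def fit(self, X, y):
        self.stats = {}
        for c in set(y):
            rows = [x for x, t in zip(X, y) if t == c]
            params = [(fmean(col), pvariance(col) + 1e-9) for col in zip(*rows)]
            self.stats[c] = (math.log(len(rows) / len(y)), params)
    def predict(self, X):
        def score(x, c):  # log prior + Gaussian log-likelihood (constant term dropped)
            prior, params = self.stats[c]
            return prior - sum(math.log(s) / 2 + (v - m) ** 2 / (2 * s)
                               for v, (m, s) in zip(x, params))
        return [max(self.stats, key=lambda c: score(x, c)) for x in X]

class KNN:
    k = 5
    def fit(self, X, y):
        self.train = list(zip(X, y))  # lazy learner: "training" only stores the data
    def predict(self, X):
        def vote(x):
            near = sorted(self.train, key=lambda p: math.dist(p[0], x))[:self.k]
            return mode(t for _, t in near)
        return [vote(x) for x in X]

def metrics(y_true, y_pred):
    pairs = list(zip(y_true, y_pred))
    tp, fp, fn = (pairs.count(k) for k in ((1, 1), (0, 1), (1, 0)))
    p = tp / (tp + fp) if tp + fp else 0.0
    r = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * p * r / (p + r) if p + r else 0.0
    return {"accuracy": (len(pairs) - fp - fn) / len(pairs), "precision": p, "recall": r, "f1": f1}

def compare(models, n_train=400, n_test=200):
    (Xtr, ytr), (Xte, yte) = make_flows(n_train, 1), make_flows(n_test, 2)  # one data set for all
    results = {}
    for name, model in models.items():
        start = time.perf_counter()
        model.fit(Xtr, ytr)
        train_s = time.perf_counter() - start  # training time only; prediction is excluded
        results[name] = dict(metrics(yte, model.predict(Xte)), train_s=train_s)
    return results
```

Calling `compare({"nb": GaussianNB(), "knn": KNN()})` returns one metrics dictionary per model. K-nearest neighbors reports near-zero training time because its cost is paid at prediction, so training time alone understates what that model costs in a live detector.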


Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Cite this paper

Istratova, E., Grif, M., Dostovalov, D. (2021). Application of Traditional Machine Learning Models to Detect Abnormal Traffic in the Internet of Things Networks. In: Nguyen, N.T., Iliadis, L., Maglogiannis, I., Trawiński, B. (eds) Computational Collective Intelligence. ICCCI 2021. Lecture Notes in Computer Science, vol 12876. Springer, Cham. https://doi.org/10.1007/978-3-030-88081-1_55

  • DOI: https://doi.org/10.1007/978-3-030-88081-1_55

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-88080-4

  • Online ISBN: 978-3-030-88081-1

  • eBook Packages: Computer Science (R0)
