Abstract
The concept of software-defined Internet of Things (SD-IoT) is becoming even more widespread. SD-IoT enables us to realize programmable networks and business, simplifying the management of the Internet of Things (IoT) and improving the IoT flexibility and scalability. However, with the promotion of SD-IoT-based applications and services, security issues in SD-IoT networks have become increasingly prominent. Aimed to deal with such issues, in this paper, we propose a two-stage intrusion detection approach for SD-IoT networks. It can more intelligently detect attacks under SD-IoT networks. In particular, we use the differential evolution algorithm's mutation mechanism to improve the firefly algorithm to solve the existing firefly algorithm's problems, such as slow convergence speed, easy to fall into local optimum on complex problems, and low accuracy. Next, based on the wrapper feature selection method, the selected features are sent to a novel ensemble classifier, composed of the C4.5 decision tree, multilayer perceptron, and instance-based learning. Again, the proposed approach uses the weighted voting method to determine whether network traffic is abnormal. Our proposal's detection performance is evaluated in binary and multiclass classifications by adopting the NSL-KDD and UNSW-NB15 public data sets. Experimental results show that the proposed multiclass classification approach's accuracy is 99.00% and 88.46%, respectively, while the false-positive rate is 0.81% and 4.16%, respectively. Finally, experimental results show that our proposal outperforms existing methods in terms of detection performance.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Ahmad I (2015) Feature selection using particle swarm optimization in intrusion detection. Int J Distrib Sens Netw 11(10):806954
Alavi AH, Jiao P, Buttlar WG et al (2018) Internet of Things-enabled smart cities: state-of-the-art and future trends. Measurement 129(2018):589–606
Alazzam H, Sharieh A, Sabri KE et al (2020) A feature selection algorithm for intrusion detection system based on Pigeon Inspired Optimizer. Expert Syst Appl. https://doi.org/10.1016/j.eswa.2020.113249
Almomani O (2020) A feature selection model for network intrusion detection system based on PSO, GWO, FFA and GA algorithms. Symmetry 12(6):1–20
Bull P, Austin R, Popov E et al (2016) Flow based security for IoT devices using an SDN gateway. In: Conference on the future of the internet, 2016, pp 157–163
Chen T, Guestrin C (2016) Xgboost: a scalable tree boosting system. In: Proceedings of the 22nd ACM SIGKDD international conference on knowledge discovery and data mining, pp 785–794
Cui M, Han D, Wang J (2019) An efficient and safe road condition monitoring authentication scheme based on fog computing. IEEE Internet Things J 6(5):9076–9084
Cui M, Han D, Wang J et al (2020) ARFV: an efficient shared data auditing scheme supporting revocation for fog-assisted vehicular ad-hoc networks. IEEE Trans Veh Technol 69(12):15815–15827
Ding Y, Fu X (2016) Kernel-based fuzzy c-means clustering algorithm based on genetic algorithm. Neurocomputing 188(2016):233–238
Han D, Pan N, Li KC (2020) A traceable and revocable ciphertext-policy attribute-based encryption scheme based on privacy protection[J]. IEEE Trans Dependable Secure Comput. https://doi.org/10.1109/TDSC.2020.2977646
Han D, Pan N, Li K (forthcoming) A traceable and revocable ciphertext-policy attribute-based encryption scheme based on privacy protection. In: IEEE transactions on dependable and secure computing. IEEE. https://doi.org/10.1109/TDSC.2020.2977646
Khadwilard A, Chansombat S, Thepphakorn T et al (2012) Application of firefly algorithm and its parameter setting for job shop scheduling. J Ind Technol 8(1):49–58
Khammassi C, Krichen S (2017) A GA-LR wrapper approach for feature selection in network intrusion detection. Comput Secur 70(2017):255–277
Khammassi C, Krichen S (2020) A NSGA2-LR wrapper approach for feature selection in network intrusion detection. Comput Netw 172(2020):1–18
Li Y, Chen M (2015) Software-defined network function virtualization: a survey. IEEE Access 3(2015):2542–2553
Li H, Han D, Tang M (2020) A privacy-preserving charging scheme for electric vehicles using blockchain and fog computing. IEEE Syst J. https://doi.org/10.1109/JSYST.2020.3009447
Li J, Zhao Z, Li R et al (2019) AI-based two-stage intrusion detection for software defined IoT networks. IEEE Internet Things J 6(2):2093–2102
Liang W, Huang W, Long J, Zhang K, Li K-C, Zhang D (2020) Deep reinforcement learning for resource protection and real-time detection in IoT environment. IEEE Internet Things J 7(7):6392–6401
Liang W, Li K-C, Long J, Kui X, Zomaya AY (2019) An industrial network intrusion detection algorithm based on multifeature data clustering optimization model. IEEE Trans Ind Inf 16(3):2063–2071
Lin KC, Zhang KY, Huang YH et al (2016) Feature selection based on an improved cat swarm optimization algorithm for big data classification. J Supercomput 72(8):3210–3221
Liu Y, Kuang Y, Xiao Y et al (2018) SDN-based data transfer security for Internet of Things. IEEE Internet Things J 5(1):257–268
Long NC, Meesad P, Unger H (2015) A highly accurate firefly based algorithm for heart disease prediction. Expert Syst Appl 42(21):8221–8231
Mašetic Z, Subasi A, Azemovic J (2016) Malicious web sites detection using C4. 5 decision tree. Southeast Eur J Soft Comput 5(1):68–72
Meng Y, Kwok LF (2013) Enhancing false alarm reduction using voted ensemble selection in intrusion detection. Int J Comput Intell Syst 6(4):626–638
Moustafa N, Slay J (2015) UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: Proceedings of the 2015 military communications and information systems conference (MilCIS). IEEE, pp 1–6
Nastic S, Sehic S, Le DH et al (2014) Provisioning software-defined IoT cloud systems. In: Proceedings of the 2014 international conference on future internet of things and cloud. IEEE, pp 288–295
Niu X (2014) Support vector extracted algorithm based on KNN and 10 fold cross-validation method. J Huazhong Normal Univ 48(3):335
Nobakht M, Sivaraman V, Boreli R, et al. A Host-Based Intrusion Detection and Mitigation Framework for Smart Home IoT Using OpenFlow[C]. availability, reliability and security, 2016: 147–156.
Nyga D, Picklum M, Koralewski S et al (2017) Instruction completion through instance-based learning and semantic analogical reasoning. In: Proceedings of the 2017 IEEE international conference on robotics and automation (ICRA). IEEE, pp 4270–4277
Pasupulety U, Adwaith CD, Hegde S et al (2018) Feature selection using fast ensemble learning for network intrusion detection. In: Proceedings of the international conference on intelligent systems design and applications. Springer, Cham, pp 967–977
Paulauskas N, Auskalnis J (2017) Analysis of data pre-processing influence on intrusion detection using NSL-KDD dataset. In: Proceedings of the 2017 open conference of electrical, electronic and information sciences (eStream). IEEE, pp 1–5
Pham NT, Foo E, Suriadi S et al (2018) Improving performance of intrusion detection system using ensemble methods and feature selection. In: Proceedings of the Australasian computer science week multiconference on—ACSW, vol 18, pp 1–6
Raman MR, Somu N, Kirthivasan K et al (2017) An efficient intrusion detection system based on hypergraph—genetic algorithm for parameter optimization and feature selection in support vector machine. Knowl Based Syst 134(2017):1–12
Ramchoun H, Idrissi MAJ, Ghanou Y et al (2016) Multilayer perceptron: architecture optimization and training. IJIMAI 4(1):26–30
Rathore S, Saxena A, Manoria M (2015) Intrusion detection system on KDDCup99 dataset: a survey. Int J Comput Sci Inf Tech 6(4):3345–3348
Rukhaiyar S, Alam MN, Samadhiya NK (2018) A PSO-ANN hybrid model for predicting factor of safety of slope. Int J Geotech Eng 12(6):556–566
Salman O, Abdallah S, Elhajj IH et al (2016) Identity-based authentication scheme for the Internet of Things. In: International symposium on computers and communications, 2016, pp 1109–1111
Salman O, Elhajj I, Kayssi A et al (2015) An architecture for the Internet of Things with decentralized data and centralized control. In: Proceedings of the 2015 IEEE/ACS 12th international conference of computer systems and applications (AICCSA). IEEE, 1–8
Selvakumar B, Muneeswaran K (2019) Firefly algorithm based feature selection for network intrusion detection. Comput Secur 81(2019):148–155
Sornsuwit P, Jaiyen S (2015) Intrusion detection model based on ensemble learning for U2R and R2L attacks. In: Proceedings of the 2015 7th international conference on information technology and electrical engineering (ICITEE). IEEE, pp 354–359
Sun C, Ma M, Zhao Z et al (2018) Sparse deep stacking network for fault diagnosis of motor. IEEE Trans Ind Inf 14(7):3261–3270
Tama BA, Comuzzi M, Rhee K et al (2019) TSE-IDS: a two-stage classifier ensemble for intelligent anomaly-based intrusion detection system. IEEE Access 7(2019):94497–94507
Tayyaba SK, Shah MA, Khan OA et al (2017) Software defined network (SDN) based Internet of Things (IoT): a road ahead. In: Proceedings of the international conference on future networks and distributed systems, vol 15. ACM
Tian Q, Han D, Li K et al (2020) An intrusion detection approach based on improved deep belief network. Appl Intell 50(10):3162–3178
Wang J, Liao J, Zhou Y et al (2014) Differential evolution enhanced with multiobjective sorting-based mutation operators. IEEE Trans Cybern 44(12):2792–2805
Wang H, Wang W, Sun H et al (2016) Firefly algorithm with random attraction. Int J Bio Inspir Comput 8(1):33–41
Xiao T, Han D, He J, Li K-C, de Mello RF (2021) Multi-Keyword ranked search based on mapping set matching in cloud ciphertext storage system. Conn Sci 33(1):95–112
Yin D, Zhang L, Yang K (2018) A DDoS attack detection and mitigation with software-defined Internet of Things framework. IEEE Access 6(2018):24694–24705
Zareapoor M, Shamsolmoali P (2015) Application of credit card fraud detection: based on bagging ensemble classifier. Procedia Comput Sci 48(48):679–685
Zhang W, Han D, Li K, Massetto FI (2020) Wireless sensor network intrusion detection system based on MK-ELM. Soft Comput 24:12361–12374
Zong W, Chow Y, Susilo W et al (2018) A two-stage classifier approach for network intrusion detection. In: Proceedings of the international conference on information security practice and experience, pp 329–340
Acknowledgements
This investigation is supported by the National Natural Science Foundation of China, under grants 61873160 and 61672338.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Additional information
Publisher's note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Qiuting Tian and Dezhi Han are co-first authors.
Rights and permissions
About this article
Cite this article
Tian, Q., Han, D., Hsieh, MY. et al. A two-stage intrusion detection approach for software-defined IoT networks. Soft Comput 25, 10935–10951 (2021). https://doi.org/10.1007/s00500-021-05809-y
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00500-021-05809-y