Hybrid Deep Learning Based Attack Detection for Imbalanced Data Classification

Internet of Things(IoT)is the most widespread and fastest growing technology today.Due to the increasing of IoT devices connected to the Internet,the IoT is the most technology under security attacks.The IoT devices are not designed with security because they are resource constrained devices.Therefore,having an accurate IoT security system to detect security attacks is challenging.Intrusion Detection Systems(IDSs)using machine learning and deep learning techniques can detect security attacks accurately.This paper develops an IDS architecture based on Convolutional Neural Network(CNN)and Long Short-Term Memory(LSTM)deep learning algorithms.We implement our model on the UNSW-NB15 dataset which is a new network intrusion dataset that cate-gorizes the network traffic into normal and attacks traffic.In this work,interpolation data preprocessing is used to compute the missing values.Also,the imbalanced data problem is solved using a synthetic data generation method.Extensive experiments have been implemented to compare the performance results of the proposed model(CNN+LSTM)with a basic model(CNN only)using both balanced and imbalanced dataset.Also,with some state-of-the-art machine learning classifiers(Decision Tree(DT)and Random Forest(RF))using both balanced and imbalanced dataset.The results proved the impact of the balancing technique.The proposed hybrid model with the balance technique can classify the traffic into normal class and attack class with reasonable accuracy(92.10%)compared with the basic CNN model(89.90%)and the machine learning(DT 88.57%and RF 90.85%)models.Moreover,comparing the proposed model results with the most related works shows that the proposed model gives good results compared with the related works that used the balance techniques.

Distributed Federated Split Learning Based Intrusion Detection System

The Internet of Medical Things(IoMT)is one of the critical emerging applications of the Internet of Things(IoT).The huge increases in data generation and transmission across distributed networks make security one of the most important challenges facing IoMT networks.Distributed Denial of Service(DDoS)attacks impact the availability of services of legitimate users.Intrusion Detection Systems(IDSs)that are based on Centralized Learning(CL)suffer from high training time and communication overhead.IDS that are based on distributed learning,such as Federated Learning(FL)or Split Learning(SL),are recently used for intrusion detection.FL preserves data privacy while enabling collaborative model development.However,FL suffers from high training time and communication overhead.On the other hand,SL offers advantages in terms of computational resources,but it faces challenges such as communication overhead and potential security vulnerabilities at the split point.Federated Split Learning(FSL)has proposed overcoming the problems of both FL and SL and offering more secure,efficient,and scalable distribution systems.This paper proposes a novel distributed FSL(DFSL)system to detect DDoS attacks.The proposed DFSL enhances detection accuracy and reduces training time by designing an adaptive aggregation method based on the early stopping strategy.However,the increased number of clients leads to increasing communication overheads.We further propose a Multi-Node Selection(MNS)based Best ChannelBest l2-Norm(BC-BN2)selection scheme to reduce communication overhead.Two DL models are used to test the effectiveness of the proposed system,including a Convolutional Neural Network(CNN)and CNN with Long Short-Term Memory(LSTM)on two modern datasets.The performance of the proposed system is compared with three baseline distributed approaches such as FedAvg,Vanilla SL,and SplitFed algorithms.The proposed system outperforms the baseline algorithms with an accuracy of 99.70%and 99.87%in CICDDoS2019 and LITNET-2020 datasets,respectively.The proposed system’s training time and communication overhead are 30%and 20%less than the baseline algorithms.