Enhanced Coyote Optimization with Deep Learning Based Cloud-Intrusion Detection System

Cloud Computing(CC)is the preference of all information technology(IT)organizations as it offers pay-per-use based and flexible services to its users.But the privacy and security become the main hindrances in its achievement due to distributed and open architecture that is prone to intruders.Intrusion Detection System(IDS)refers to one of the commonly utilized system for detecting attacks on cloud.IDS proves to be an effective and promising technique,that identifies malicious activities and known threats by observing traffic data in computers,and warnings are given when such threatswere identified.The current mainstream IDS are assisted with machine learning(ML)but have issues of low detection rates and demanded wide feature engineering.This article devises an Enhanced Coyote Optimization with Deep Learning based Intrusion Detection System for Cloud Security(ECODL-IDSCS)model.The ECODL-IDSCS model initially addresses the class imbalance data problem by the use of Adaptive Synthetic(ADASYN)technique.For detecting and classification of intrusions,long short term memory(LSTM)model is exploited.In addition,ECO algorithm is derived to optimally fine tune the hyperparameters related to the LSTM model to enhance its detection efficiency in the cloud environment.Once the presented ECODL-IDSCS model is tested on benchmark dataset,the experimental results show the promising performance of the ECODL-IDSCS model over the existing IDS models.

Intelligent Intrusion Detection System for Industrial Internet of Things Environment

Rapid increase in the large quantity of industrial data,Industry 4.0/5.0 poses several challenging issues such as heterogeneous data generation,data sensing and collection,real-time data processing,and high request arrival rates.The classical intrusion detection system(IDS)is not a practical solution to the Industry 4.0 environment owing to the resource limitations and complexity.To resolve these issues,this paper designs a new Chaotic Cuckoo Search Optimiza-tion Algorithm(CCSOA)with optimal wavelet kernel extreme learning machine(OWKELM)named CCSOA-OWKELM technique for IDS on the Industry 4.0 platform.The CCSOA-OWKELM technique focuses on the design of feature selection with classification approach to achieve minimum computation complex-ity and maximum detection accuracy.The CCSOA-OWKELM technique involves the design of CCSOA based feature selection technique,which incorpo-rates the concepts of chaotic maps with CSOA.Besides,the OWKELM technique is applied for the intrusion detection and classification process.In addition,the OWKELM technique is derived by the hyperparameter tuning of the WKELM technique by the use of sunflower optimization(SFO)algorithm.The utilization of CCSOA for feature subset selection and SFO algorithm based hyperparameter tuning leads to better performance.In order to guarantee the supreme performance of the CCSOA-OWKELM technique,a wide range of experiments take place on two benchmark datasets and the experimental outcomes demonstrate the promis-ing performance of the CCSOA-OWKELM technique over the recent state of art techniques.

Machine Learning Techniques for Intrusion Detection Systems in SDN-Recent Advances,Challenges and Future Directions

Software-Defined Networking(SDN)enables flexibility in developing security tools that can effectively and efficiently analyze and detect malicious network traffic for detecting intrusions.Recently Machine Learning(ML)techniques have attracted lots of attention from researchers and industry for developing intrusion detection systems(IDSs)considering logically centralized control and global view of the network provided by SDN.Many IDSs have developed using advances in machine learning and deep learning.This study presents a comprehensive review of recent work ofML-based IDS in context to SDN.It presents a comprehensive study of the existing review papers in the field.It is followed by introducing intrusion detection,ML techniques and their types.Specifically,we present a systematic study of recent works,discuss ongoing research challenges for effective implementation of ML-based intrusion detection in SDN,and promising future works in this field.

Multi-Attack Intrusion Detection System for Software-Defined Internet of Things Network

Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,flexibility,and reduce network maintenance costs,a new Software-Defined Network(SDN)technology must be used in this infrastructure.Despite the various advantages of combining SDN and IoT,this environment is more vulnerable to various attacks due to the centralization of control.Most methods to ensure IoT security are designed to detect Distributed Denial-of-Service(DDoS)attacks,but they often lack mechanisms to mitigate their severity.This paper proposes a Multi-Attack Intrusion Detection System(MAIDS)for Software-Defined IoT Networks(SDN-IoT).The proposed scheme uses two machine-learning algorithms to improve detection efficiency and provide a mechanism to prevent false alarms.First,a comparative analysis of the most commonly used machine-learning algorithms to secure the SDN was performed on two datasets:the Network Security Laboratory Knowledge Discovery in Databases(NSL-KDD)and the Canadian Institute for Cyberse-curity Intrusion Detection Systems(CICIDS2017),to select the most suitable algorithms for the proposed scheme and for securing SDN-IoT systems.The algorithms evaluated include Extreme Gradient Boosting(XGBoost),K-Nearest Neighbor(KNN),Random Forest(RF),Support Vector Machine(SVM),and Logistic Regression(LR).Second,an algorithm for selecting the best dataset for machine learning in Intrusion Detection Systems(IDS)was developed to enable effective comparison between the datasets used in the development of the security scheme.The results showed that XGBoost and RF are the best algorithms to ensure the security of SDN-IoT and to be applied in the proposed security system,with average accuracies of 99.88%and 99.89%,respectively.Furthermore,the proposed security scheme reduced the false alarm rate by 33.23%,which is a significant improvement over prevalent schemes.Finally,tests of the algorithm for dataset selection showed that the rates of false positives and false negatives were reduced when the XGBoost and RF algorithms were trained on the CICIDS2017 dataset,making it the best for IDS compared to the NSL-KDD dataset.

Intrusion Detection System with Customized Machine Learning Techniques for NSL-KDD Dataset

Modern networks are at risk from a variety of threats as a result of the enormous growth in internet-based traffic.By consuming time and resources,intrusive traffic hampers the efficient operation of network infrastructure.An effective strategy for preventing,detecting,and mitigating intrusion incidents will increase productivity.A crucial element of secure network traffic is Intrusion Detection System(IDS).An IDS system may be host-based or network-based to monitor intrusive network activity.Finding unusual internet traffic has become a severe security risk for intelligent devices.These systems are negatively impacted by several attacks,which are slowing computation.In addition,networked communication anomalies and breaches must be detected using Machine Learning(ML).This paper uses the NSL-KDD data set to propose a novel IDS based on Artificial Neural Networks(ANNs).As a result,the ML model generalizes sufficiently to perform well on untried data.The NSL-KDD dataset shall be utilized for both training and testing.In this paper,we present a custom ANN model architecture using the Keras open-source software package.The specific arrangement of nodes and layers,along with the activation functions,enhances the model’s ability to capture intricate patterns in network data.The performance of the ANN is carefully tested and evaluated,resulting in the identification of a maximum detection accuracy of 97.5%.We thoroughly compared our suggested model to industry-recognized benchmark methods,such as decision classifier combinations and ML classifiers like k-Nearest Neighbors(KNN),Deep Learning(DL),Support Vector Machine(SVM),Long Short-Term Memory(LSTM),Deep Neural Network(DNN),and ANN.It is encouraging to see that our model consistently outperformed each of these tried-and-true techniques in all evaluations.This result underlines the effectiveness of the suggested methodology by demonstrating the ANN’s capacity to accurately assess the effectiveness of the developed strategy in identifying and categorizing instances of network intrusion.

Augmenting IoT Intrusion Detection System Performance Using Deep Neural Network

Due to their low power consumption and limited computing power,Internet of Things(IoT)devices are difficult to secure.Moreover,the rapid growth of IoT devices in homes increases the risk of cyber-attacks.Intrusion detection systems(IDS)are commonly employed to prevent cyberattacks.These systems detect incoming attacks and instantly notify users to allow for the implementation of appropriate countermeasures.Attempts have been made in the past to detect new attacks using machine learning and deep learning techniques,however,these efforts have been unsuccessful.In this paper,we propose two deep learning models to automatically detect various types of intrusion attacks in IoT networks.Specifically,we experimentally evaluate the use of two Convolutional Neural Networks(CNN)to detect nine distinct types of attacks listed in the NF-UNSW-NB15-v2 dataset.To accomplish this goal,the network stream data were initially converted to twodimensional images,which were then used to train the neural network models.We also propose two baseline models to demonstrate the performance of the proposed models.Generally,both models achieve high accuracy in detecting the majority of these nine attacks.

A Comprehensive Analysis of Datasets for Automotive Intrusion Detection Systems

Recently,automotive intrusion detection systems(IDSs)have emerged as promising defense approaches to counter attacks on in-vehicle networks(IVNs).However,the effectiveness of IDSs relies heavily on the quality of the datasets used for training and evaluation.Despite the availability of several datasets for automotive IDSs,there has been a lack of comprehensive analysis focusing on assessing these datasets.This paper aims to address the need for dataset assessment in the context of automotive IDSs.It proposes qualitative and quantitative metrics that are independent of specific automotive IDSs,to evaluate the quality of datasets.These metrics take into consideration various aspects such as dataset description,collection environment,and attack complexity.This paper evaluates eight commonly used datasets for automotive IDSs using the proposed metrics.The evaluation reveals biases in the datasets,particularly in terms of limited contexts and lack of diversity.Additionally,it highlights that the attacks in the datasets were mostly injected without considering normal behaviors,which poses challenges for training and evaluating machine learning-based IDSs.This paper emphasizes the importance of addressing the identified limitations in existing datasets to improve the performance and adaptability of automotive IDSs.The proposed metrics can serve as valuable guidelines for researchers and practitioners in selecting and constructing high-quality datasets for automotive security applications.Finally,this paper presents the requirements for high-quality datasets,including the need for representativeness,diversity,and balance.

Internet of Things Intrusion Detection System Based on Convolutional Neural Network

In recent years, the Internet of Things (IoT) technology has developedby leaps and bounds. However, the large and heterogeneous networkstructure of IoT brings high management costs. In particular, the low costof IoT devices exposes them to more serious security concerns. First, aconvolutional neural network intrusion detection system for IoT devices isproposed. After cleaning and preprocessing the NSL-KDD dataset, this paperuses feature engineering methods to select appropriate features. Then, basedon the combination of DCNN and machine learning, this paper designs acloud-based loss function, which adopts a regularization method to preventoverfitting. The model consists of one input layer, two convolutional layers,two pooling layers and three fully connected layers and one output layer.Finally, a framework that can fully consider the user’s privacy protection isproposed. The framework can only exchange model parameters or intermediateresults without exchanging local individuals or sample data. This paperfurther builds a global model based on virtual fusion data, so as to achievea balance between data privacy protection and data sharing computing. Theperformance indicators such as accuracy, precision, recall, F1 score, and AUCof the model are verified by simulation. The results show that the model ishelpful in solving the problem that the IoT intrusion detection system cannotachieve high precision and low cost at the same time.

Securing Cloud Computing from Flash Crowd Attack Using Ensemble Intrusion Detection System

Flash Crowd attacks are a form of Distributed Denial of Service(DDoS)attack that is becoming increasingly difficult to detect due to its ability to imitate normal user behavior in Cloud Computing(CC).Botnets are often used by attackers to perform a wide range of DDoS attacks.With advancements in technology,bots are now able to simulate DDoS attacks as flash crowd events,making them difficult to detect.When it comes to application layer DDoS attacks,the Flash Crowd attack that occurs during a Flash Event is viewed as the most intricate issue.This is mainly because it can imitate typical user behavior,leading to a substantial influx of requests that can overwhelm the server by consuming either its network bandwidth or resources.Therefore,identifying these types of attacks on web servers has become crucial,particularly in the CC.In this article,an efficient intrusion detection method is proposed based on White Shark Optimizer and ensemble classifier(Convolutional Neural Network(CNN)and LighGBM).Experiments were conducted using a CICIDS 2017 dataset to evaluate the performance of the proposed method in real-life situations.The proposed IDS achieved superior results,with 95.84%accuracy,96.15%precision,95.54%recall,and 95.84%F1 measure.Flash crowd attacks are challenging to detect,but the proposed IDS has proven its effectiveness in identifying such attacks in CC and holds potential for future improvement.

An Intelligent Intrusion Detection System in Smart Grid Using PRNN Classifier

Typically,smart grid systems enhance the ability of conventional power system networks as it is vulnerable to several kinds of attacks.These vulnerabil-ities might cause the attackers or intruders to collapse the entire network system thus breaching the confidentiality and integrity of smart grid systems.Thus,for this purpose,Intrusion detection system(IDS)plays a pivotal part in offering a reliable and secured range of services in the smart grid framework.Several exist-ing approaches are there to detect the intrusions in smart grid framework,however they are utilizing an old dataset to detect anomaly thus resulting in reduced rate of detection accuracy in real-time and huge data sources.So as to overcome these limitations,the proposed technique is presented which employs both real-time raw data from the smart grid network and KDD99 dataset thus detecting anoma-lies in the smart grid network.In the grid side data acquisition,the power trans-mitted to the grid is checked and enhanced in terms of power quality by eradicating distortion in transmission lines.In this approach,power quality in the smart grid network is enhanced by rectifying the fault using a FACT device termed UPQC(Unified Power Quality Controller)and thereby storing the data in cloud storage.The data from smart grid cloud storage and KDD99 are pre-pro-cessed and are optimized using Improved Aquila Swarm Optimization(IASO)to extract optimal features.The probabilistic Recurrent Neural Network(PRNN)classifier is then employed for the prediction and classification of intrusions.At last,the performance is estimated and the outcomes are projected in terms of grid voltage,grid current,Total Harmonic Distortion(THD),voltage sag/swell,accu-racy,precision,recall,F-score,false acceptance rate(FAR),and detection rate of the classifier.The analysis is compared with existing techniques to validate the proposed model efficiency.

An Efficient Cyber Security and Intrusion Detection System Using CRSR with PXORP-ECC and LTH-CNN

Intrusion Detection System(IDS)is a network security mechanism that analyses all users’and applications’traffic and detectsmalicious activities in real-time.The existing IDSmethods suffer fromlower accuracy and lack the required level of security to prevent sophisticated attacks.This problem can result in the system being vulnerable to attacks,which can lead to the loss of sensitive data and potential system failure.Therefore,this paper proposes an Intrusion Detection System using Logistic Tanh-based Convolutional Neural Network Classification(LTH-CNN).Here,the Correlation Coefficient based Mayfly Optimization(CC-MA)algorithm is used to extract the input characteristics for the IDS from the input data.Then,the optimized features are utilized by the LTH-CNN,which returns the attacked and non-attacked data.After that,the attacked data is stored in the log file and non-attacked data is mapped to the cyber security and data security phases.To prevent the system from cyber-attack,the Source and Destination IP address is converted into a complex binary format named 1’s Complement Reverse Shift Right(CRSR),where,in the data security phase the sensed data is converted into an encrypted format using Senders Public key Exclusive OR Receivers Public Key-Elliptic Curve Cryptography(PXORP-ECC)Algorithm to improve the data security.TheNetwork Security Laboratory-Knowledge Discovery inDatabases(NSLKDD)dataset and real-time sensor are used to train and evaluate the proposed LTH-CNN.The suggested model is evaluated based on accuracy,sensitivity,and specificity,which outperformed the existing IDS methods,according to the results of the experiments.

Modified Metaheuristics with Weighted Majority Voting Ensemble Deep Learning Model for Intrusion Detection System

The Internet of Things(IoT)system has confronted dramatic growth in high dimensionality and data traffic.The system named intrusion detection systems(IDS)is broadly utilized for the enhancement of security posture in an IT infrastructure.An IDS is a practical and suitable method for assuring network security and identifying attacks by protecting it from intrusive hackers.Nowadays,machine learning(ML)-related techniques were used for detecting intrusion in IoTs IDSs.But,the IoT IDS mechanism faces significant challenges because of physical and functional diversity.Such IoT features use every attribute and feature for IDS self-protection unrealistic and difficult.This study develops a Modified Metaheuristics with Weighted Majority Voting Ensemble Deep Learning(MM-WMVEDL)model for IDS.The proposed MM-WMVEDL technique aims to discriminate distinct kinds of attacks in the IoT environment.To attain this,the presented MM-WMVEDL technique implements min-max normalization to scale the input dataset.For feature selection purposes,the MM-WMVEDL technique exploits the Harris hawk optimization-based elite fractional derivative mutation(HHO-EFDM)technique.In the presented MM-WMVEDL technique,a Bi-directional long short-term memory(BiLSTM),extreme learning machine(ELM)and an ensemble of gated recurrent unit(GRU)models take place.A wide range of simulation analyses was performed on CICIDS-2017 dataset to exhibit the promising performance of the MM-WMVEDL technique.The comparison study pointed out the supremacy of the MM-WMVEDL method over other recent methods with accuracy of 99.67%.

An Intrusion Detection System for SDN Using Machine Learning

Software Defined Networking(SDN)has emerged as a promising and exciting option for the future growth of the internet.SDN has increased the flexibility and transparency of the managed,centralized,and controlled network.On the other hand,these advantages create a more vulnerable environment with substantial risks,culminating in network difficulties,system paralysis,online banking frauds,and robberies.These issues have a significant detrimental impact on organizations,enterprises,and even economies.Accuracy,high performance,and real-time systems are necessary to achieve this goal.Using a SDN to extend intelligent machine learning methodologies in an Intrusion Detection System(IDS)has stimulated the interest of numerous research investigators over the last decade.In this paper,a novel HFS-LGBM IDS is proposed for SDN.First,the Hybrid Feature Selection algorithm consisting of two phases is applied to reduce the data dimension and to obtain an optimal feature subset.In thefirst phase,the Correlation based Feature Selection(CFS)algorithm is used to obtain the feature subset.The optimal feature set is obtained by applying the Random Forest Recursive Feature Elimination(RF-RFE)in the second phase.A LightGBM algorithm is then used to detect and classify different types of attacks.The experimental results based on NSL-KDD dataset show that the proposed system produces outstanding results compared to the existing methods in terms of accuracy,precision,recall and f-measure.

FIDS:Filtering-Based Intrusion Detection System for In-Vehicle CAN

Modern vehicles are equipped with multiple Electronic Control Units(ECUs)that support various convenient driving functions,such as the Advanced Driver Assistance System(ADAS).To enable communication between these ECUs,the Controller Area Network(CAN)protocol is widely used.However,since CAN lacks any security technologies,it is vulnerable to cyber attacks.To address this,researchers have conducted studies on machine learning-based intrusion detection systems(IDSs)for CAN.However,most existing IDSs still have non-negligible detection errors.In this paper,we pro-pose a new filtering-based intrusion detection system(FIDS)to minimize the detection errors of machine learning-based IDSs.FIDS uses a whitelist and a blacklist created from CAN datasets.The whitelist stores the cryptographic hash value of normal packet sequences to correct false positives(FP),while the blacklist corrects false negatives(FN)based on transmission intervals and identifiers of CAN packets.We evaluated the performance of the proposed FIDS by implementing a machine learning-based IDS and applying FIDS to it.We conducted the evaluation using two CAN attack datasets provided by the Hacking and Countermeasure Research Lab(HCRL),which confirmed that FIDS can effectively reduce the FP and FN of the existing IDS.

A Novel MegaBAT Optimized Intelligent Intrusion Detection System in Wireless Sensor Networks

Wireless Sensor Network(WSN),whichfinds as one of the major components of modern electronic and wireless systems.A WSN consists of numerous sensor nodes for the discovery of sensor networks to leverage features like data sensing,data processing,and communication.In thefield of medical health care,these network plays a very vital role in transmitting highly sensitive data from different geographic regions and collecting this information by the respective network.But the fear of different attacks on health care data typically increases day by day.In a very short period,these attacks may cause adversarial effects to the WSN nodes.Furthermore,the existing Intrusion Detection System(IDS)suffers from the drawbacks of limited resources,low detection rate,and high computational overhead and also increases the false alarm rates in detecting the different attacks.Given the above-mentioned problems,this paper proposes the novel MegaBAT optimized Long Short Term Memory(MBOLT)-IDS for WSNs for the effective detection of different attacks.In the proposed framework,hyperpara-meters of deep Long Short-Term Memory(LSTM)were optimized by the meta-heuristic megabat algorithm to obtain a low computational overhead and high performance.The experimentations have been carried out using(Wireless Sensor NetworkDetection System)WSN-DS datasets and performance metrics such as accuracy,recall,precision,specificity,and F1-score are calculated and compared with the other existing intelligent IDS.The proposed framework provides outstanding results in detecting the black hole,gray hole,scheduling,flooding attacks and significantly reduces the time complexity,which makes this system suitable for resource-constraint WSNs.

Performance Analysis of Intrusion Detection System in the IoT Environment Using Feature Selection Technique

The increasing number of security holes in the Internet of Things(IoT)networks creates a question about the reliability of existing network intrusion detection systems.This problem has led to the developing of a research area focused on improving network-based intrusion detection system(NIDS)technologies.According to the analysis of different businesses,most researchers focus on improving the classification results of NIDS datasets by combining machine learning and feature reduction techniques.However,these techniques are not suitable for every type of network.In light of this,whether the optimal algorithm and feature reduction techniques can be generalized across various datasets for IoT networks remains.The paper aims to analyze the methods used in this research and whether they can be generalized to other datasets.Six ML models were used in this study,namely,logistic regression(LR),decision trees(DT),Naive Bayes(NB),random forest(RF),K-nearest neighbors(KNN),and linear SVM.The primary detection algorithms used in this study,Principal Component(PCA)and Gini Impurity-Based Weighted Forest(GIWRF)evaluated against three global ToN-IoT datasets,UNSW-NB15,and Bot-IoT datasets.The optimal number of dimensions for each dataset was not studied by applying the PCA algorithm.It is stated in the paper that the selection of datasets affects the performance of the FE techniques and detection algorithms used.Increasing the efficiency of this research area requires a comprehensive standard feature set that can be used to improve quality over time.

A Hybrid DNN-RBFNN Model for Intrusion Detection System

Intrusion Detection Systems (IDS) are pivotal in safeguarding computer networks from malicious activities. This study presents a novel approach by proposing a Hybrid Dense Neural Network-Radial Basis Function Neural Network (DNN-RBFNN) architecture to enhance the accuracy and efficiency of IDS. The hybrid model synergizes the strengths of both dense learning and radial basis function networks, aiming to address the limitations of traditional IDS techniques in classifying packets that could result in Remote-to-local (R2L), Denial of Service (Dos), and User-to-root (U2R) intrusions.

MEM-TET: Improved Triplet Network for Intrusion Detection System

With the advancement of network communication technology,network traffic shows explosive growth.Consequently,network attacks occur frequently.Network intrusion detection systems are still the primary means of detecting attacks.However,two challenges continue to stymie the development of a viable network intrusion detection system:imbalanced training data and new undiscovered attacks.Therefore,this study proposes a unique deep learning-based intrusion detection method.We use two independent in-memory autoencoders trained on regular network traffic and attacks to capture the dynamic relationship between traffic features in the presence of unbalanced training data.Then the original data is fed into the triplet network by forming a triplet with the data reconstructed from the two encoders to train.Finally,the distance relationship between the triples determines whether the traffic is an attack.In addition,to improve the accuracy of detecting unknown attacks,this research proposes an improved triplet loss function that is used to pull the distances of the same class closer while pushing the distances belonging to different classes farther in the learned feature space.The proposed approach’s effectiveness,stability,and significance are evaluated against advanced models on the Android Adware and General Malware Dataset(AAGM17),Knowledge Discovery and Data Mining Cup 1999(KDDCUP99),Canadian Institute for Cybersecurity Group’s Intrusion Detection Evaluation Dataset(CICIDS2017),UNSW-NB15,Network Security Lab-Knowledge Discovery and Data Mining(NSL-KDD)datasets.The achieved results confirmed the superiority of the proposed method for the task of network intrusion detection.

Feature Selection with Deep Reinforcement Learning for Intrusion Detection System

An intrusion detection system(IDS)becomes an important tool for ensuring security in the network.In recent times,machine learning(ML)and deep learning(DL)models can be applied for the identification of intrusions over the network effectively.To resolve the security issues,this paper presents a new Binary Butterfly Optimization algorithm based on Feature Selection with DRL technique,called BBOFS-DRL for intrusion detection.The proposed BBOFSDRL model mainly accomplishes the recognition of intrusions in the network.To attain this,the BBOFS-DRL model initially designs the BBOFS algorithm based on the traditional butterfly optimization algorithm(BOA)to elect feature subsets.Besides,DRL model is employed for the proper identification and classification of intrusions that exist in the network.Furthermore,beetle antenna search(BAS)technique is applied to tune the DRL parameters for enhanced intrusion detection efficiency.For ensuring the superior intrusion detection outcomes of the BBOFS-DRL model,a wide-ranging experimental analysis is performed against benchmark dataset.The simulation results reported the supremacy of the BBOFS-DRL model over its recent state of art approaches.

Intelligent Intrusion Detection System for the Internet of Medical Things Based on Data-Driven Techniques

Introducing IoT devices to healthcare fields has made it possible to remotely monitor patients’information and provide a proper diagnosis as needed,resulting in the Internet of Medical Things(IoMT).However,obtaining good security features that ensure the integrity and confidentiality of patient’s information is a significant challenge.However,due to the computational resources being limited,an edge device may struggle to handle heavy detection tasks such as complex machine learning algorithms.Therefore,designing and developing a lightweight detection mechanism is crucial.To address the aforementioned challenges,a new lightweight IDS approach is developed to effectively combat a diverse range of cyberattacks in IoMT networks.The proposed anomaly-based IDS is divided into three steps:pre-processing,feature selection,and decision.In the pre-processing phase,data cleaning and normalization are performed.In the feature selection step,the proposed approach uses two data-driven kernel techniques:kernel principal component analysis and kernel partial least square techniques to reduce the dimension of extracted features and to ameliorate the detection results.Therefore,in decision step,in order to classify whether the traffic flow is normal or malicious the kernel extreme learning machine is used.To check the efficiency of the developed detection scheme,a modern IoMT dataset named WUSTL-EHMS-2020 is considered to evaluate and discuss the achieved results.The proposed method achieved 99.9%accuracy,99.8%specificity,100%Sensitivity,99.9 F-score.