Machine Learning-Based Adaptive Synthetic Sampling Technique for Intrusion Detection

Traditional firewalls and data encryption techniques can no longer match the demands of current IoT network security due to the rising amount and variety of network threats. In order to manage IoT network risks, intrusion detection solutions have been advised. Even though machine learning (ML) helps the widely used intrusion detection techniques currently in use, these algorithms struggle with low detection rates and the requirement for extensive feature engineering. The deep learning model for IoT network intrusion detection is a method for traffic anomaly detection that is suggested by this study. To extract the sequence properties of data flow through a CNN, it combines an attention mechanism with a Long Short Term Memory (LSTM) network. This method uses adaptive synthetic sampling (ADASYN) to increase the size of minority-class samples. The proposed models demonstrated acceptable precision and recall for each class when used for binary-class classification, proving their stability and capacity to identify all classes correctly. The MLP classifier's accuracy, precision, recall, and F1 value were 87%, 89%, 87%, and 89%, respectively, with an AUC score of 0.88. Overall, the proposed models performed well. The attack and all-class models exhibited good AUCs and macro metrics, the same as the proposed MLP classifier, which had an F1 score of 83% and an AUC score of 0.94. Additionally, it trained the MLP classifier and integrated the ADAM optimizer and category cross-entropy loss function for all-class classification. With an AUC value of 94%, it possessed 84% accuracy, 87% precision, 84% recall, and an 83% F1 score. A further indication of the hybrid model's ability to combine the benefits of both models to improve overall performance was that it regularly outperformed the MLP model. This model's accuracy and F1 score are better than those of earlier comparable algorithms, according to experimental results using the publicly accessible benchmark dataset for network intrusion detection (NSL-KDD).

Automated summary

Traditional firewalls and data encryption techniques are insufficient for IoT network security due to increasing network threats. Intrusion detection solutions, such as the proposed deep learning model, combining attention mechanism with LSTM network, can effectively detect traffic anomalies. The proposed models demonstrated good performance in binary-class classification, with acceptable precision and recall for each class.