English Abstract
In recent years, the Internet of Things (IoT) has received great attention in both
industry and academia. Currently, IoT technologies have been applied in many fields
and are changing lives in many areas such as smart homes, smart cities and autonomous
cars. However, the increased deployment of such smart devices brings an increase in the
potential security risks. Machine-learning techniques have been well adapted as the main
detection algorithms in Intrusion Detection Systems (IDS), owing to their model-free
properties and learnability.
In this research, we have conducted a literature review to identify different IoT threats, classified
by IoT layers, and different challenges. We surveyed various machine learning algorithms
that are used in IoT security research. In addition, we provide detailed comparisons of
the available benchmark datasets that are widely used for IoT research.
In this project, we propose a machine learning technique called Multiclass Matched Filter
model for IoT anomaly detection. We have evaluated the performance of the multiclass
matched filter on the normal class and three attack classes using the Bot-IoT dataset.
We started our experiment without scaling the data, and then we normalized the data using
three scalers: standard scaling, min/max scaling and mean normalization. We divided our
experiment into two phases: training and testing phases. In the training phase, we generate
four filters that correspond to the four classes of IoT attacks with the best balancing factor
a, margin α and threshold T parameters. In the testing phase, we first apply the
filters to the testing samples and then integrate the results to obtain the final classification
for a given IoT attack.
The evaluation results have shown an accuracy of 96.73% and an F-score of 97.77% for the normal
filter with min/max scaling, and the best accuracy for merging all filters is 77.34% for the same
scaling (min/max). The performance of the proposed multiclass matched filter has been compared
with existing machine learning techniques proposed by other researchers using the same dataset.
The experiment results show that the multiclass matched filter achieves high accuracy and F-score in
detecting the normal class and reliable accuracy and F-score in classifying the normal class together
with the three attack classes. In the future, we can improve the proposed system by building our own
IoT network dataset, considering more features and improving the feature extraction
methods.