International Journal on Advanced Science, Engineering and Information Technology, Vol. 13 (2023) No. 2, pages: 767-776, DOI:10.18517/ijaseit.13.2.17573

IDS Based on Machine Learning in Reaction to IoT Attacks: Review and Empirical Evaluation

Abdelouahed Bamou, Moulay Driss El Ouadghiri, Badraddine Aghoutane, Loukmane Maada


Recently, connected objects have been the subject of cyber-attacks at an alarming rate. These devices connected to a vast volume data stream have insufficient resources and are not manually configured. Typically, attacks target the usability and exploitation of these vulnerabilities. These attacks make the mission of traditional intrusion detection (IDS) systems more challenging to limit intrusion threats. Machine learning (ML) can solve this problem, mainly since the Internet of Things (IoT) can collect and transfer massive amounts of data. This data is the essence of ML, enabling it to build security and privacy models which can predict or classify malicious nodes and network traffic in the IoT. This article looks at the more common forms of cyberattacks, which could lead to an IoT system failure, as well as a countermeasure capable of limiting their damage. First, we present a general review of IDS and these evaluation measures as a solution to limit these attacks. After reviewing the ML domain and these often-used algorithms, on which the IDS can be based to accomplish its mission, we examine the different datasets researchers use to form their IDS. Finally, we look at a practical example of using Python to evaluate ML methods on a current dataset (TON IoT). The research is based on previous research on the topic. The results enable us to choose the appropriate algorithms for the IDS to achieve the best binary and multi-classification based on the evaluation parameters.


IoT security; IDS; evaluation metrics; machine learning algorithms; attacks and threats in IoT; datasets for IDS in IoT; classification

Viewed: 353 times (since abstract online)

cite this paper     download