/IoT-Devices-Intrusion-Detection

Integrating CNN-LSTM Networks with Statistical Filtering Techniques for Optimizing IoT Intrusion Detection

Primary LanguagePythonApache License 2.0Apache-2.0

Intrusion Detection for IoT and IIoT Networks

This project (Our Paper) centers on enhancing the reliability of Internet of Things (IoT) and Industrial Internet of Things (IIoT) networks using machine learning and deep learning techniques. It includes implementing and evaluating deep learning models using two datasets: CoAP-DDoS and Edge-IIoT.

If you use this project, please cite this paper: https://doi.org/10.1109/SCIoT62588.2024.10570107.

Table of Contents

Introduction

In recent years, the proliferation of IoT and IIoT devices has led to an increased risk associated with network traffic in these environments. Machine Learning plays a crucial role in identifying and mitigating such attacks. This project aims to develop effective deep learning models tailored for IoT and IIoT environments.

Datasets

The project utilizes two datasets for training and evaluating the DL models:

CoAP-DoS Dataset

Description

The CoAP-DoS dataset consists of network traffic data captured during CoAP-based DDoS attacks. It includes features such as packet headers, payload information, and timestamps.

Preprocessing

Preprocessing steps applied to the CoAP-DoS dataset include median filtering, standard deviation-based filtering, and normalization. These steps help clean the data and prepare it for model training.

Model Architecture

The model architecture for the CoAP-DoS dataset consists of convolutional and recurrent neural network layers. These layers are designed to extract relevant features from the input data and make predictions based on them.

Training and Evaluation

The model is trained using the training data from the CoAP-DoS dataset and evaluated using the test data. Training involves optimizing the model's parameters using the Adam optimizer and minimizing the sparse categorical cross-entropy loss. The model's performance is evaluated based on accuracy metrics.

Edge-IIoT Dataset

Description

The Edge-IIoT dataset comprises network traffic data collected from Edge-IIoT environments, including various types of attacks and normal traffic patterns. It contains features related to network protocols, communication patterns, and attack types.

Preprocessing

Preprocessing the Edge-IIoT dataset involves encoding categorical features, scaling numerical features, and reshaping the data for model compatibility. These preprocessing steps ensure that the data is in a suitable format for training the model.

Model Architecture

The DL model architecture for the Edge-IIoT dataset includes convolutional, pooling, and recurrent layers followed by dense layers for classification. This architecture is designed to capture temporal and spatial dependencies in the input data and make accurate predictions.

Training and Evaluation

The model is trained using the preprocessed training data from the Edge-IIoT dataset and evaluated using the test data. Training involves optimizing the model's parameters using the Adam optimizer and minimizing the categorical cross-entropy loss. Model performance is assessed using accuracy metrics and confusion matrices.

Usage

To use the project, follow these steps:

  1. Clone the repository to your local machine.
  2. Install the required dependencies mentioned in the requirements.txt file.
  3. Run the provided Jupyter notebooks or Python scripts to train and evaluate the deep learning models.
  4. Experiment with different hyperparameters and architectures to improve model performance.

License

This project is licensed under the Apache License - see the LICENSE file for details.

© 2024 ALI BAYANI