Machine Learning Enabled Novel Real-Time IoT Targeted DoS/DDoS Cyber Attack Detection System  

作　　者：Abdullah Alabdulatif Navod Neranjan Thilakarathne Mohamed Aashiq 

机构地区：[1]Department of Cybersecurity,College of Computer,Qassim University,Buraydah,51452,Saudi Arabia [2]Department of ICT,Faculty of Technology,University of Colombo,Colombo,00700,Sri Lanka [3]Department of Computer Science and Engineering,Faculty of Engineering,South Eastern University of Sri Lanka,Oluvil,32360,Sri Lanka

出　　处：《Computers, Materials & Continua》2024年第9期3655-3683,共29页计算机、材料和连续体（英文）

基　　金：funded by Qassim University(QU-APC-2024-9/1).

摘　　要：The increasing prevalence of Internet of Things(IoT)devices has introduced a new phase of connectivity in recent years and,concurrently,has opened the floodgates for growing cyber threats.Among the myriad of potential attacks,Denial of Service(DoS)attacks and Distributed Denial of Service(DDoS)attacks remain a dominant concern due to their capability to render services inoperable by overwhelming systems with an influx of traffic.As IoT devices often lack the inherent security measures found in more mature computing platforms,the need for robust DoS/DDoS detection systems tailored to IoT is paramount for the sustainable development of every domain that IoT serves.In this study,we investigate the effectiveness of three machine learning(ML)algorithms:extreme gradient boosting(XGB),multilayer perceptron(MLP)and random forest(RF),for the detection of IoTtargeted DoS/DDoS attacks and three feature engineering methods that have not been used in the existing stateof-the-art,and then employed the best performing algorithm to design a prototype of a novel real-time system towards detection of such DoS/DDoS attacks.The CICIoT2023 dataset was derived from the latest real-world IoT traffic,incorporates both benign and malicious network traffic patterns and after data preprocessing and feature engineering,the data was fed into our models for both training and validation,where findings suggest that while all threemodels exhibit commendable accuracy in detectingDoS/DDoS attacks,the use of particle swarmoptimization(PSO)for feature selection has made great improvements in the performance(accuracy,precsion recall and F1-score of 99.93%for XGB)of the ML models and their execution time(491.023 sceonds for XGB)compared to recursive feature elimination(RFE)and randomforest feature importance(RFI)methods.The proposed real-time system for DoS/DDoS attack detection entails the implementation of an platform capable of effectively processing and analyzing network traffic in real-time.This involvesemploying the best-performing ML algorithmf

关 键 词：Machine learning Internet of Things(IoT) DoS DDoS CYBERSECURITY intrusion prevention network security feature optimization sustainability 

分 类 号：TP393.08[自动化与计算机技术—计算机应用技术]