An Experimental Analysis of Attack Classification Using Machine Learning in IoT Networks

TL;DR

This paper compares various machine learning algorithms for attack detection in IoT networks, demonstrating that random forest excels in binary classification and KNN in multi-class scenarios, based on extensive experimental evaluation.

Contribution

It provides a comprehensive experimental comparison of ML algorithms for attack classification in IoT, highlighting the most effective methods for different classification tasks.

Findings

Random forest achieves 99% accuracy in binary attack detection.

KNN outperforms others with 99% accuracy in multi-class attack classification.

RF is best for binary, KNN is best for multi-class attack detection.

Abstract

In recent years, there has been a massive increase in the amount of Internet of Things (IoT) devices as well as the data generated by such devices. The participating devices in IoT networks can be problematic due to their resource-constrained nature, and integrating security on these devices is often overlooked. This has resulted in attackers having an increased incentive to target IoT devices. As the number of attacks possible on a network increases, it becomes more difficult for traditional intrusion detection systems (IDS) to cope with these attacks efficiently. In this paper, we highlight several machine learning (ML) methods such as k-nearest neighbour (KNN), support vector machine (SVM), decision tree (DT), naive Bayes (NB), random forest (RF), artificial neural network (ANN), and logistic regression (LR) that can be used in IDS. In this work, ML algorithms are compared for both binary and multi-class classification on Bot-IoT dataset. Based on several parameters such as accuracy, precision, recall, F1 score, and log loss, we experimentally compared the aforementioned ML algorithms. In the case of HTTP distributed denial-of-service (DDoS) attack, the accuracy of RF is 99%. Furthermore, other simulation results-based precision, recall, F1 score, and log loss metric reveal that RF outperforms on all types of attacks in binary classification. However, in multi-class classification, KNN outperforms other ML algorithms with an accuracy of 99%, which is 4% higher than RF.