Detection and Classification of Novel Attacks and Anomaly in IoT Network using Rule based Deep Learning Model

TL;DR

This paper proposes a rule-based deep neural network framework for detecting and classifying novel IoT network attacks, addressing limitations of existing methods and achieving over 99% accuracy on benchmark datasets.

Contribution

It introduces a novel rule-based deep learning model that effectively detects and classifies new IoT attacks, outperforming existing approaches in accuracy and false positive rates.

Findings

Achieves over 99% accuracy on CICIDS 2017 dataset

Balances attack detection with false positive and false negative rates

Effectively detects and classifies novel IoT network attacks

Abstract

Attackers are now using sophisticated techniques, like polymorphism, to change the attack pattern for each new attack. Thus, the detection of novel attacks has become the biggest challenge for cyber experts and researchers. Recently, anomaly and hybrid approaches are used for the detection of network attacks. Detecting novel attacks, on the other hand, is a key enabler for a wide range of IoT applications. Novel attacks can easily evade existing signature-based detection methods and are extremely difficult to detect, even going undetected for years. Existing machine learning models have also failed to detect the attack and have a high rate of false positives. In this paper, a rule-based deep neural network technique has been proposed as a framework for addressing the problem of detecting novel attacks. The designed framework significantly improves respective benchmark results, including the CICIDS 2017 dataset. The experimental results show that the proposed model keeps a good balance between attack detection, untruthful positive rates, and untruthful negative rates. For novel attacks, the model has an accuracy of more than 99%. During the automatic interaction between network-devices (IoT), security and privacy are the primary obstacles. Our proposed method can handle these obstacles efficiently and finally identify, and classify the different levels of threats.