Enhanced IoT Intrusion Detection: a Hybrid Framework Integrating Decision Tree and One-Class SVM

EasyChair Preprint 15895
7 pages • Date: March 7, 2025

Abstract

With the escalating sophistication of cyber-attacks, there is a pressing need for efficient intrusion detection mechanisms in the context of the Internet of Things (IoT). These mechanisms are crucial for monitoring computer resources and generating reports on suspicious or anomalous activities. Conventional intrusion detection systems (IDS) typically rely on a single classifier for intrusion identification, which often struggles to achieve high accuracy and low false alarm rates. This challenge is amplified by the polymorphic, metamorphic, and zero-day behaviors exhibited by malware. To overcome these limitations, this research proposes a hybrid IDS (HIDS) tailored for the IoT environment. The HIDS integrates the power of a Decision Tree classifier and a One-Class Support Vector Machine to establish a robust and effective intrusion detection framework. By synergistically leveraging the strengths of Signature-based Intrusion Detection Systems (SIDS) and Anomaly-based Intrusion Detection Systems (AIDS), the HIDS aims to proficiently identify both known intrusions and zero-day attacks, achieving enhanced detection accuracy while minimizing false alarm rates. To validate the efficacy of the proposed HIDS, benchmark datasets such as NSL-KDD and ADFA are employed for evaluation. Experimental results demonstrate that HIDS surpasses the performance of traditional SIDS in terms of detection rate and false alarm rates, thereby elevating the overall effectiveness of intrusion detection in the IoT landscape.

Keyphrases: Cybersecurity, IDS, IoT, SVM