A Comprehensive Analysis of Machine Learning Models for Real Time Anomaly Detection in Internet of Things

Authors

  • Sanjith SL, Indian Institute of Management Tiruchirappalli, Tamilnadu, India
  • George Dharma Prakash Raj E, Bharathidasan University, Tiruchirappalli, Tamilnadu, India

DOI:

https://doi.org/10.26438/ijcse/v6i11.932937

Keywords:

Multi-Layered Clustering, Ensemble Models, Intrusion Detection, K-Means, SVM

Abstract

Anomaly detection is a major requirement of the current Internet of Things (IoT) and inter-networked communication environment. This work analyzes recent and prominent contributions in the domain of anomaly detection, with particular attention to real-time operation and the IoT environment. Results from the most prominent models in the literature are considered for the analysis. The paper discusses the working mechanisms of these models and the major issues in anomaly detection, such as data imbalance and noise, especially in the IoT domain, along with the methods used to handle these issues. Experiments were performed using the NSL-KDD benchmark data set. Precision, False Positive Rate and Accuracy are used to analyze the effectiveness of the models.

Published

2025-11-18

How to Cite

[1]
S. Sanjith and E. George Dharma Prakash Raj, “A Comprehensive Analysis of Machine Learning Models for Real Time Anomaly Detection in Internet of Things”, Int. J. Comp. Sci. Eng., vol. 6, no. 11, pp. 932–937, Nov. 2025.

Section

Research Article