Intrusion Detection in IOT based Networks Using Double Discriminant Analysis

Document Type : Research Article


Department of Electrical Engineering (Communication), Tarbiat Modares University


Intrusion detection is one of the main challenges in wireless systems especially in Internet of things (IOT) based networks. There are various attack types such as probe, denial of service, remote to local and user to root. In addition to the known attacks and malicious behaviors, there are various unknown attacks which some of them have similar behaviors with respect to each other or mimic the normal behavior. So, classification of connections in IOT based networks is a hard and challenging task. In this paper, an intrusion detection framework is proposed for classification of various attacks and separation of them from the normal connections. The double discriminant embedding (DDE) method is used to transform the original feature space of data. This transform is implemented in two steps. In the first step, the difference between the features is maximized; and in the second one, the difference between classes is increased. The extracted features not only have less overlapping with respect to each other and contain less redundant information but also they provide more separation between different classes. The extracted features are fed to the support vector machine (SVM) with polynomial kernel for classification. The experiments on NSL-KDD dataset have shown improvement of the SVM classifier when the DDE features are used.


Main Subjects

[1] H. Ngu, M. Gutierrez, V. Metsis, S. Nepal and Q. Z. Sheng, IoT Middleware: A Survey on Issues and Enabling Technologies, IEEE Internet of Things Journal, 4 (1) (2017) 1-20.
[2] Amouri, V. T. Alaparthy and S. D. Morgera, Cross layer-based intrusion detection based on network behavior for IoT, 2018 IEEE 19th Wireless and Microwave Technology Conference (WAMICON), Sand Key, FL (2018) 1-4.
[3] M. Frustaci, P. Pace, G. Aloi and G. Fortino, Evaluating Critical Security Issues of the IoT World: Present and Future Challenges, IEEE Internet of Things Journal, 5 (4) (2018) 2483-2495.
[4] E. Benkhelifa, T. Welsh and W. Hamouda, A Critical Review of Practices and Challenges in Intrusion Detection Systems for IoT: Toward Universal and Resilient Systems, IEEE Communications Surveys & Tutorials, 20 (4) (2018) 3496-3509.
[5] M. R. Sabhnani and G. Serpen, Application of machine learning algorithms to KDD intrusion detection dataset with in misuse detection context, In Proceedings of the international conference on machine learning: Models, technologies, and applications (2003) 209–215.
[6] B. Pfahringer, Winning the KDD99 classification cup: Bagged boosting. SIGKDD Explorations, 1 (2) (2000) 65–66.
[7] I.Levin, KDD-99 classifier learning contest LLSoft’s results overview, SIGKDD Explorations, 1 (2) (2000) 67–75.
[8] D. Papamartzivanos, F. Gómez Mármol, G. Kambourakis, Dendron : Genetic trees driven rule induction for network intrusion detection systems, Future Generation Computer Systems, 79 (2) (2018) 558-574.
[9] J. Zhang, M. Zulkernine and A. Haque, Random-Forests-Based Network Intrusion Detection Systems, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews), 38 (5) (2008) 649-659.
[10]Adel Nadjaran Toosi, Mohsen Kahani, A new approach to intrusion detection based on an evolutionary soft computing model using neurofuzzy classifiers, Computer Communications, 30 (10) (2007) 2201-2212.
[11]W. Xuren, H. Famei and X. Rongsheng, Modeling Intrusion Detection System by Discovering Association Rule in Rough Set Theory Framework, 2006 International Conference on Computational Inteligence for Modelling Control and Automation and International Conference on Intelligent Agents Web Technologies and International Commerce (CIMCA’06), Sydney, NSW (2006) 24-24.
[12]Y. Zhang, P. Li and X. Wang, Intrusion Detection for IoT Based on Improved Genetic Algorithm and Deep Belief Network, IEEE Access, 7 (2019) 31711-31722.
[13] D. Li, L. Deng, M. Lee, H. Wang, IoT data feature extraction and intrusion detection system for smart cities based on deep migration learning, International Journal of Information Management, 49 (2019) 533-545.
[14]V. V. Kumari and P. R. K. Varma, A semi-supervised intrusion detection system using active learning SVM and fuzzy c-means clustering, 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC), Palladam (2017) 481-485.
[15]M. Hasan, Md. M. Islam, Md I. Islam Zarif, M.M.A. Hashem, Attack and anomaly detection in IoT sensors in IoT sites using machine learning approaches, Internet of Things, 7 (2019).
[16]K. A.P. d. Costa, J. P. Papa, C. O. Lisboa, R. Munoz, Victor Hugo C. de Albuquerque, Internet of Things: A survey on machine learning-based intrusion detection approaches, Computer Networks, 151 (2019) 147- 157.
[17] S. Hajiheidari, K. Wakil, M. Badri, N. J. Navimipour, Intrusion detection systems in the Internet of things: A comprehensive investigation, Computer Networks, 160 (2019) 165-191.
[18]J. F. Charles Joseph, B. Lee, A. Das and B. Seet, Cross-Layer Detection of Sinking Behavior in Wireless Ad Hoc Networks Using SVM and FDA, IEEE Transactions on Dependable and Secure Computing, 8 (2) (2011) 233-245.
[19] S. Teng, N. Wu, H. Zhu, L. Teng and W. Zhang, SVM-DT-based adaptive and collaborative intrusion detection, IEEE/CAA Journal of Automatica Sinica, 5 (1) (2018) 108-118.
[20]P. Tao, Z. Sun and Z. Sun, An Improved Intrusion Detection Algorithm Based on GA and SVM, IEEE Access, 6 (2018) 13624-13631.
[21] Shi-Jinn Horng, Ming-Yang Su, Yuan-Hsin Chen, Tzong-Wann Kao, Rong-Jian Chen, Jui-Lin Lai, Citra Dwi Perkasa, A novel intrusion detection system based on hierarchical clustering and support vector machines,Expert Systems with Applications, 38 (1) (2011) 306-313.
[22]H. H. Pajouh, R. Javidan, R. Khayami, A. Dehghantanha and K. R. Choo, A Two-Layer Dimension Reduction and Two-Tier Classification Model for Anomaly-Based Intrusion Detection in IoT Backbone Networks, IEEE Transactions on Emerging Topics in Computing, 7 (2) (2019) 314- 323.
[23]K. Fukunaga, Introduction to Statistical Pattern Recognition, 2nd ed. New York: Academic (1990).
[24]M. Imani, H. Ghassemian, High-Dimensional Image Data Feature Extraction by Double Discriminant Embedding, Pattern Analysis and Applications, 20 (2) (2017) 473–484.
[25]G. Camps-Valls and L. Bruzzone, Kernel-based methods for hyperspectral image classification, IEEE Trans. Geosci. Remote Sens., 43 (6) (2005) 1351–1362.
[26]M. Imani and H. Ghassemian, The Investigation of Sensitivity of SVM Classifier Respect to The Number of Features and The Number of Training Samples, 2nd International Conference on Sensors and Models in Photogrammetry and Remote Sensing, Tehran, Iran (2013) 209-214.
[27]C. Chang and C. Linin, LIBSVM—A library for support vector machines, 2008. Online Available:
[28]NSL-KDD Dataset, available online in NSL_KDD.
[29]K. Siddique, Z. Akhtar, F. Aslam Khan and Y. Kim, KDD Cup 99 Data Sets: A Perspective on the Role of Data Sets in Network Intrusion Detection Research, in Computer, 52 (2) (2019) 41-51.
[30] D. Protic, Review of KDD Cup ‘99, NSL-KDD and Kyoto 2006+ datasets, Vojnotehnički Glasnik / Military Technical Courier, 66 (3) (2018) 580-596.
[31]R. Beghdad, Efficient deterministic method for detecting new U2R attacks, Comput. Commun., 32 (6) (2009) 1104–1110.
[32]G. K. D. Teyou, J. Ziazet, Convolutional Neural Network for Intrusion Detection System In Cyber Physical Systems, arXiv:1905.03168 (2019).
[33]W. Hu, W. Hu and S. Maybank, AdaBoost-Based Algorithm for Network Intrusion Detection, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics), 38 (2) (2008) 577-583.