Document Type : Research Article
Department of Electrical Engineering (Communication), Tarbiat Modares University
Intrusion detection is one of the main challenges in wireless systems especially in Internet of things (IOT) based networks. There are various attack types such as probe, denial of service, remote to local and user to root. In addition to known attacks and malicious behaviors, there are various unknown attacks that some of them have similar behavior with respect to each other or mimic the normal behavior. So, classification of connections in IOT based networks is a hard and challenging task. In this paper, an intrusion detection framework is proposed for classification of various attacks and separation of them from the normal connections. The double discriminant embedding (DDE) method is used to transform the original feature space of data. This transform is implemented in two steps. In the first step, the difference between the features is maximized; and in the second one, the difference between classes is increased. The extracted features not only have less overlapping with respect to each other and contain less redundant information but also they provide more separation between different classes. The extracted features are fed to the support vector machine (SVM) with polynomial kernel for classification. The experiments on NSL-KDD dataset have shown improvement of SVM when DDE features are used.