Intrusion Detection via MLP Neural Network using an Arduino Embedded System
Real-time intrusion detection using low-power devices is one of the main challenges for the Internet of Things (IoT) research community. Currently, many Intrusion Detection Systems tackle this task using Artificial Neural Networks (ANNs) and other machine learning techniques. However, some of these methods are computationally costly, which makes them unfeasible in an IoT scenario. To address this, we train a Multilayer Perceptron (MLP) using NLS-KDD for Weka, a modified version of the NSL-KDD dataset containing less features, resulting in a perceptron neural network with a small number of artificial neurons. As a result, we evaluated the MLP networks using metrics such as accuracy, precision, and coverage, as well as classifier performance running on Arduino via time measurements (microseconds).
F. M. de Almeida, A. de R. L. Ribeiro, E. D. Moreno, and C. A. E. Montesco, “Performance evaluation of an artificial neural network multilayer perceptron with limited weights for detecting denial of service attack on internet of things,” in The Twelfth Advanced International Conference on Telecommunications, 2016, pp. 82–87.
L. D. Xu, W. He, and S. Li, “Internet of things in industries: A survey,” IEEE Transactions on Industrial Informatics, vol. 10, no. 4, pp. 2233– 2243, Nov 2014.
H. Nkiama, S. Z. M. Said, and M. Saidu, “A subset feature elimination mechanism for intrusion detection system,” International Journal of Advanced Computer Science and Applications, vol. 7, no. 4, 2016. [Online]. Available: http://dx.doi.org/10.14569/IJACSA.2016.070419
J. Misra and I. Saha, “Artificial neural networks in hardware: A survey of two decades of progress,” Neurocomputing, vol. 74, no. 1, pp. 239 – 255, 2010, artificial Brains. [Online]. Available: http://www.sciencedirect.com/science/article/pii/S092523121000216X
G. Parker and M. Khan, “Distributed neural network: Dynamic learning via backpropagation with hardware neurons using arduino chips,” in 2016 International Joint Conference on Neural Networks (IJCNN), July 2016, pp. 206–212.
M. L. Labs, “KDD 99 dataset,” 1999. [Online]. Available: http://kdd.ics.uci.edu/databases/kddcup99/
M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, “A detailed analysis of the kdd cup 99 data set,” in 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, July 2009, pp. 1–6.
F. Botes, L. Leenen, and R. De La Harpe, “Ant colony induced decision trees for intrusion detection,” in 16th European Conference on Cyber Warfare and Security. ACPI, 2017, pp. 53–62.
J. Z. Lei and A. Ghorbani, “Network intrusion detection using an improved competitive learning neural network,” in Proceedings. Second Annual Conference on Communication Networks and Services Research, 2004., May 2004, pp. 190–197.
M. Amini, R. Jalili, and H. R. Shahriari, “Rt-unnid: A practical solution to real-time network-based intrusion detection using unsupervised neural networks,” Computers & Security, vol. 25, no. 6, pp. 459 – 468, 2006. [Online]. Available: http://www.sciencedirect.com/science/article/pii/S0167404806000782
K. Q. Yan, S. C. Wang, S. S. Wang, and C. W. Liu, “Hybrid intrusion detection system for enhancing the security of a cluster-based wireless sensor network,” in 2010 3rd International Conference on Computer Science and Information Technology, vol. 1, July 2010, pp. 114–118.
K. Jong, E. Marchiori, M. Sebag, and A. van der Vaart, “Feature selection in proteomic pattern data with support vector machines,” in 2004 Symposium on Computational Intelligence in Bioinformatics and Computational Biology, Oct 2004, pp. 41–48.
C.-F. Tsai, Y.-F. Hsu, C.-Y. Lin, and W.-Y. Lin, “Intrusion detection by machine learning: A review,” Expert Systems with Applications, vol. 36, no. 10, pp. 11 994 – 12 000, 2009. [Online]. Available: http://www.sciencedirect.com/science/article/pii/S0957417409004801
V. Bolón-Canedo, N. Sánchez-Maroño, and A. Alonso-Betanzos, “Feature selection and classification in multiple class datasets: An application to kdd cup 99 dataset,” Expert Systems with Applications, vol. 38, no. 5, pp. 5947 – 5957, 2011. [Online]. Available: http://www.sciencedirect.com/science/article/pii/S0957417410012650
F. H. Botes, “NSL-KDD dataset for WEKA,” Sep 2017. [Online]. Available: https://github.com/FransHBotes/NSLKDD-Dataset
M.-J. Kang and J.-W. Kang, “Intrusion detection system using deep neural network for in-vehicle network security,” PLOS ONE, vol. 11, no. 6, pp. 1–17, 06 2016. [Online]. Available: https://doi.org/10.1371/journal.pone.0155781
S. Marsland, Machine Learning: An Algorithmic Perspective, Second Edition, 2nd ed. Chapman & Hall/CRC, 2014.
S. Raschka, Python Machine Learning. Packt Publishing, 2015.
ATmega328/P, Atmel Corporation, San Jose, CA, EUA, June 2016. [Online]. Available: https://www.microchip.com/