DNNET-Ensemble approach to detecting and identifying attacks in IoT environments

  • Cristiano A. de Souza UFSC
  • Carlos B. Westphall UFSC
  • Jean D. G. Valencio UNIOESTE
  • Renato B. Machado UNIOESTE
  • Wesley dos R. Bezerra UFSC


Special security techniques like intrusion detection mechanisms are indispensable in modern computer systems. It is important to detect and identify the attack in a category so that specific countermeasures for the threat category are solved. However, most existing multiclass detection approaches have some weaknesses, mainly related to detecting specific categories of attacks and problems with false positives. This article addresses this research problem and advances state-of-the-art, bringing contributions to a two-stage detection architecture called DNNET-Ensemble, combining binary and multiclass detection. The results obtained in experiments with renowned intrusion datasets demonstrate that the approach can achieve superior detection rates and false positives performance compared to other state-of-the-art approaches.


Albulayhi, K., Abu Al-Haija, Q., Alsuhibany, A., A., Ashrafuzzaman, M., and Sheldon, F. T. (2022). Iot intrusion detection using machine learning with a novel high performing feature selection method. Applied Sciences, 12(10).

Almiani, M., AbuGhazleh, A., and Al-Rahayfeh, A. (2020). Deep recurrent neural network for iot intrusion detection system. Simulation Modelling Practice and Theory, 101:102031. Modeling and Simulation of Fog Computing.

Blanco, R., Malagón, P., Cilla, J. J., and Moya, J. M. (2018). Multiclass network attack classifier using cnn tuned with genetic algorithms. In 2018 28th International Symposium on Power and Timing Modeling, Optimization and Simulation (PATMOS), pages 177-182.

Bonomi, F., Milito, R., Zhu, J., and Addepalli, S. (2012). Fog computing and its role in the internet of things. In Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, MCC '12, page 13-16, New York, NY, USA. Association for Computing Machinery.

Dat-Thinh, N., Xuan-Ninh, H., and Kim-Hung, L. (2022). Midsiot: A multistage intrusion detection system for internet of things. Wireless Communications and Mobile Computing, 2022.

Diro, A. A. and Chilamkurti, N. (2018). Distributed attack detection scheme using deep learning approach for internet of things. Future Generation Computer Systems, 82:761 - 768.

Du, R., Li, Y., Liang, X., and Tian, J. (2020). Support vector machine intrusion detection scheme based on cloud-fog collaboration. In International Conference on Security and Privacy in New Computing Environments, pages 321-334. Springer.

Geurts, P., Ernst, D., and Wehenkel, L. (2006). Extremely randomized trees. Machine learning, 63(1):3-42.

Gopalakrishnan, B. and Purusothaman, P. (2022). A new design of intrusion detection in iot sector using optimal feature selection and high ranking-based ensemble learning model. Peer-to-Peer Networking and Applications, pages 1-28.

Ieracitano, C., Adeel, A., Morabito, F. C., and Hussain, A. (2020). A novel statistical analysis and autoencoder driven intelligent intrusion detection approach. Neurocomputing, 387:51 - 62.

Liang, H., Liu, D., Zeng, X., and Ye, C. (2022). An intrusion detection method for advanced metering infrastructure based on federated learning. Journal of Modern Power Systems and Clean Energy, pages 1-11.

Mohamed Omar, H. O., Goyal, S. B., and Varadarajan, V. (2021). Application of sliding window deep learning for intrusion detection in fog computing. In 2021 Emerging Trends in Industry 4.0 (ETI 4.0), pages 1-6.

Nguyen, T. G., Phan, T. V., Nguyen, B. T., So-In, C., Baig, Z. A., and Sanguanpong, S. (2019). Search: A collaborative and intelligent nids architecture for sdn-based cloud iot networks. IEEE Access, 7:107678-107694.

Ni, J., Zhang, K.and Lin, X., and Shen, X. (2018). Securing fog computing for internet of things applications: Challenges and solutions. IEEE Communications Surveys & Tutorials.

Prabavathy, S., Sundarakantham, K., and Shalinie, S. M. (2018). Design of cognitive fog computing for intrusion detection in internet of things. Journal of Communications and Networks, 20(3):291-298.

Qaddoura, R., M. Al-Zoubi, A., Faris, H., and Almomani, I. (2021). A multi-layer classification approach for intrusion detection in iot networks based on deep learning. Sensors, 21(9).

Sahar, N., Mishra, R., and Kalam, S. (2021). Deep learning approach-based network intrusion detection system for fog-assisted iot. In Proceedings of international conference on big data, machine learning and their applications, pages 39-50. Springer.

Sarwar, A., Hasan, S., Khan, W. U., Ahmed, S., and Marwat, S. N. K. (2022). Design of an advance intrusion detection system for iot networks. In 2022 2nd International Conference on Artificial Intelligence (ICAI), pages 46-51.

Souza, C. A., Westphall, C. B., and Machado, R. B. (2022). Two-step ensemble approach for intrusion detection and identification in iot and fog computing environments. Computers & Electrical Engineering, 98:107694.

Souza, C. A., Westphall, C. B., Machado, R. B., Loffi, L., Westphall, C. M., and Geronimo, G. A. (2022). Intrusion detection and prevention in fog based iot environments: A systematic literature review. Computer Networks, 214:109154.

Souza, C. A., Westphall, C. B., Machado, R. B., Sobral, J. B. M., and Vieira, G. S. (2020). Hybrid approach to intrusion detection in fog-based iot environments. Computer Networks, 180:107417.

Ullah, I. and Mahmoud, Q. H. (2020). A scheme for generating a dataset for anomalous activity detection in iot networks. In Canadian Conference on Artificial Intelligence, pages 508-520. Springer.

Vaccari, I., Chiola, G., Aiello, M., Mongelli, M., and Cambiaso, E. (2020). Mqttset, a new dataset for machine learning techniques on mqtt. Sensors, 20(22):6578.

Zhao, R., Mu, Y., Zou, L., and Wen, X. (2022). A hybrid intrusion detection system based on feature selection and weighted stacking classifier. IEEE Access, pages 1-14.
SOUZA, Cristiano A. de; WESTPHALL, Carlos B.; VALENCIO, Jean D. G.; MACHADO, Renato B.; BEZERRA, Wesley dos R.. DNNET-Ensemble approach to detecting and identifying attacks in IoT environments. In: SIMPÓSIO BRASILEIRO DE REDES DE COMPUTADORES E SISTEMAS DISTRIBUÍDOS (SBRC), 41. , 2023, Brasília/DF. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2023 . p. 435-448. ISSN 2177-9384. DOI: https://doi.org/10.5753/sbrc.2023.502.