Journal Article Details
Electronics
Machine-Learning-Based Darknet Traffic Detection System for IoT Applications
Moez Krichen [1], Qasem Abu Al-Haija [2], Wejdan Abu Elhaija [3]
[1] Department of Computer Science, Al-Baha University, Al Baha 3029, Saudi Arabia;Department of Computer Science/Cybersecurity, Princess Sumaya University for Technology (PSUT), Amman 11941, Jordan;Department of Electrical Engineering, Princess Sumaya University for Technology (PSUT), Amman 11941, Jordan;
Keywords: cybersecurity; machine learning; Internet of Things (IoT); IDS system; networks; darknet
DOI: 10.3390/electronics11040556
Source: DOAJ
【 Abstract 】

The massive modern technical revolution in electronics, cognitive computing, and sensing has provided critical infrastructure for the development of today’s Internet of Things (IoT) for a wide range of applications. However, because endpoint devices’ computing, storage, and communication capabilities are limited, IoT infrastructures are exposed to a wide range of cyber-attacks. As such, Darknet or blackhole (sinkhole) attacks are significant and recent attack vectors that are launched against several IoT communication services. Since the Darknet address space evolved as a reserved internet address space that is not intended to be used by legitimate hosts globally, any communication traffic is presumed to be unsolicited and is distinctively deemed a probe, backscatter, or misconfiguration. Thus, in this paper, we develop, investigate, and evaluate the performance of machine-learning-based Darknet traffic detection systems (DTDS) in IoT networks. Mainly, we make use of six supervised machine-learning techniques, including bagging decision tree ensembles (BAG-DT), AdaBoost decision tree ensembles (ADA-DT), RUSBoosted decision tree ensembles (RUS-DT), optimizable decision tree (O-DT), optimizable k-nearest neighbor (O-KNN), and optimizable discriminant (O-DSC). We evaluate the implemented DTDS models on a recent and comprehensive dataset, known as the CIC-Darknet-2020 dataset, composed of contemporary actual IoT communication traffic involving four different classes that combine VPN and Tor traffic in a single dataset covering a wide range of captured cyber-attacks and hidden services provided by the Darknet. Our empirical performance analysis demonstrates that bagging ensemble techniques (BAG-DT) offer better accuracy and lower error rates than the other implemented supervised learning techniques, scoring a classification accuracy of 99.50% with a low inferencing overhead of 9.09 µs. Finally, we also contrast our BAG-DT-DTDS with other existing DTDS models and demonstrate that our best results are improved by 1.9~27% over the former state-of-the-art models.

【 License 】

Unknown   
