A distributed SDN-based intrusion detection system for IoT using optimized forests

A distributed SDN-based intrusion detection system for IoT using optimized forests

Along with the expansion of Internet of Things (IoT), the importance of security and intrusion detection in this network also increases, and the need for new and architecture-specific intrusion detection systems (IDS) is felt. In this article, a distributed intrusion detection system based on a soft...

Full description

Saved in:
Bibliographic Details
Published in:PloS one Vol. 18; no. 8; p. e0290694
Main Author: Luo, Ke
Format: Journal Article
Language:English
Published: United States Public Library of Science 30-08-2023
Public Library of Science (PLoS)
Subjects:
Accuracy
Algorithms
Applications software
Black holes
Blockchain
Collaboration
Computer and Information Sciences
Computer architecture
Computer Communication Networks
Cybersecurity
Data security
Decision making
Decision trees
Deep learning
Engineering and Technology
Feature selection
Internet
Internet of Things
Intrusion detection systems
Machine learning
Methods
Network architecture
Neural networks
Optimization
Optimization algorithms
Optimization techniques
Physical Sciences
Research and Analysis Methods
Software
Software-defined networking
China
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Along with the expansion of Internet of Things (IoT), the importance of security and intrusion detection in this network also increases, and the need for new and architecture-specific intrusion detection systems (IDS) is felt. In this article, a distributed intrusion detection system based on a software defined networking (SDN) is presented. In this method, the network structure is divided into a set of sub-networks using the SDN architecture, and intrusion detection is performed in each sub-network using a controller node. In order to detect intrusion in each sub-network, a decision tree optimized by black hole optimization (BHO) algorithm is used. Thus, the decision tree deployed in each sub-network is pruned by BHO, and the split points in its decision nodes are also determined in such a way that the accuracy of each tree in detecting sub-network attacks is maximized. The performance of the proposed method is evaluated in a simulated environment and its performance in detecting attacks using the NSLKDD and NSW-NB15 databases is examined. The results show that the proposed method can identify attacks in the NSLKDD and NSW-NB15 databases with an accuracy of 99.2% and 97.2%, respectively, which indicates an increase compared to previous methods.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 23
ObjectType-Correction/Retraction-3
Competing Interests: The authors have declared that no competing interests exist.
ISSN:1932-6203
1932-6203
DOI:10.1371/journal.pone.0290694