The Repository @ St. Cloud State

Open Access Knowledge and Scholarship

Date of Award

4-2020

Culminating Project Type

Thesis

Degree Name

Information Assurance: M.S.

Department

Information Assurance and Information Systems

College

Herberger School of Business

First Advisor

Akalanga Maleiwa

Second Advisor

Jieyu Wang

Third Advisor

Farra Hazem

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.

Keywords and Subject Headings

IoT, Network Intrusion, Deep learning, Machine Learning, Zero-day attack, anti-malware, Mirai, botnet, machine learning, anomaly, detection, DOS, DDOS

Abstract

In recent years, we have witnessed a massive growth of intrusion attacks targeted at the internet of things (IoT) devices. Due to inherent security vulnerabilities, it has become an easy target for hackers to target these devices. Recent studies have been focusing on deploying intrusion detection systems at the edge of the network within these devices to localize threat mitigation to avoid computational expenses. Intrusion detection systems based on machine learning and deep learning algorithm have demonstrated the potential capability to detect zero-day attacks where traditional signature-based detection falls short. The paper aims to propose a lightweight and robust deep learning framework for intrusion detection that has computational potential to be deployed within IoT devices. The research builds upon previous researches showing the demonstrated efficiency of anomaly detection rates of self-organizing map-based intrusion. The paper will contribute to the existing body of knowledge by creating a hybrid self-organizing map (SOM) for the purpose of detecting botnet attacks and analyzing its accuracy compared with a traditional supervised artificial neural network (ANN). The paper also aims to answer questions regarding the computational efficiency of our hybrid self-organizing map by measuring the CPU consumption based on time to train model. The deep learning prototypes will be trained on the NSL-KDD dataset and Detection of IoT botnet Attacks dataset. The study will evaluate the performance of a self-organizing map based k-nearest neighbor prototype with the performance of a supervised artificial neural network based on validation metrics such as confusion matrix, f1, recall, precision, and accuracy score.

Share

COinS