IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v16y2024i7p253-d1437506.html
   My bibliography  Save this article

A Novel Hybrid Unsupervised Learning Approach for Enhanced Cybersecurity in the IoT

Author

Listed:
  • Prabu Kaliyaperumal

    (School of Computer Science and Engineering, Galgotias University, Dankaur 203201, India)

  • Sudhakar Periyasamy

    (School of Computer Science and Engineering, Galgotias University, Dankaur 203201, India)

  • Manikandan Thirumalaisamy

    (Department of CSBS, Rajalakshmi Engineering College, Tamil Nadu 602105, India)

  • Balamurugan Balusamy

    (Associate Dean-Students, Shiv Nadar University, Delhi-NCR Campus, Noida 201305, India)

  • Francesco Benedetto

    (Signal Processing for TLC and Economics, University of Roma Tre, 00154 Rome, Italy)

Abstract

The proliferation of IoT services has spurred a surge in network attacks, heightening cybersecurity concerns. Essential to network defense, intrusion detection and prevention systems (IDPSs) identify malicious activities, including denial of service (DoS), distributed denial of service (DDoS), botnet, brute force, infiltration, and Heartbleed. This study focuses on leveraging unsupervised learning for training detection models to counter these threats effectively. The proposed method utilizes basic autoencoders (bAEs) for dimensionality reduction and encompasses a three-stage detection model: one-class support vector machine (OCSVM) and deep autoencoder (dAE) attack detection, complemented by density-based spatial clustering of applications with noise (DBSCAN) for attack clustering. Accurately delineated clusters aid in mapping attack tactics. The MITRE ATT&CK framework establishes a “Cyber Threat Repository”, cataloging attacks and tactics, enabling immediate response based on priority. Leveraging preprocessed and unlabeled normal network traffic data, this approach enables the identification of novel attacks while mitigating the impact of imbalanced training data on model performance. The autoencoder method utilizes reconstruction error, OCSVM employs a kernel function to establish a hyperplane for anomaly detection, while DBSCAN employs a density-based approach to identify clusters, manage noise, accommodate diverse shapes, automatically determining cluster count, ensuring scalability, and minimizing false positives and false negatives. Evaluated on standard datasets such as CIC-IDS2017 and CSECIC-IDS2018, the proposed model outperforms existing state of art methods. Our approach achieves accuracies exceeding 98% for the two datasets, thus confirming its efficacy and effectiveness for application in efficient intrusion detection systems.

Suggested Citation

  • Prabu Kaliyaperumal & Sudhakar Periyasamy & Manikandan Thirumalaisamy & Balamurugan Balusamy & Francesco Benedetto, 2024. "A Novel Hybrid Unsupervised Learning Approach for Enhanced Cybersecurity in the IoT," Future Internet, MDPI, vol. 16(7), pages 1-29, July.
  • Handle: RePEc:gam:jftint:v:16:y:2024:i:7:p:253-:d:1437506
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/16/7/253/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/1999-5903/16/7/253/
    Download Restriction: no
    ---><---

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:16:y:2024:i:7:p:253-:d:1437506. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.