This project focuses on developing intrusion detection systems (IDS) for Internet of Things (IoT) and Industrial Internet of Things (IIoT) networks using machine learning and deep learning techniques. It includes the implementation and evaluation of IDS models using two datasets: CoAP-DDoS and Edge-IIoT.
In recent years, the proliferation of IoT and IIoT devices has led to an increased risk of cyberattacks targeting these networks. Intrusion detection systems play a crucial role in identifying and mitigating such attacks. This project aims to develop effective IDS models tailored for IoT and IIoT environments.
The project utilizes two datasets for training and evaluating the IDS models:
- CoAP-DDoS Dataset: A dataset containing network traffic data related to CoAP-based DDoS attacks. Original Publication.
- Edge-IIoT Dataset: A dataset comprising network traffic data from Edge-IIoT environments, including various types of attacks and normal traffic. Original Publicaiton.
The CoAP-DDoS dataset consists of network traffic data captured during CoAP-based DDoS attacks. It includes features such as packet headers, payload information, and timestamps.
Preprocessing steps applied to the CoAP-DDoS dataset include median filtering, standard deviation-based filtering, and normalization. These steps help in cleaning the data and preparing it for model training.
The IDS model architecture for the CoAP-DDoS dataset consists of convolutional and recurrent neural network layers. These layers are designed to extract relevant features from the input data and make predictions based on them.
The model is trained using the training data from the CoAP-DDoS dataset and evaluated using the test data. Training involves optimizing the model's parameters using the Adam optimizer and minimizing the sparse categorical crossentropy loss. The model's performance is evaluated based on accuracy metrics.
The Edge-IIoT dataset comprises network traffic data collected from Edge-IIoT environments, including various types of attacks and normal traffic patterns. It contains features related to network protocols, communication patterns, and attack types.
Preprocessing of the Edge-IIoT dataset involves encoding categorical features, scaling numerical features, and reshaping the data for model compatibility. These preprocessing steps ensure that the data is in a suitable format for training the IDS model.
The IDS model architecture for the Edge-IIoT dataset includes convolutional, pooling, and recurrent layers followed by dense layers for classification. This architecture is designed to capture temporal and spatial dependencies in the input data and make accurate predictions.
The model is trained using the preprocessed training data from the Edge-IIoT dataset and evaluated using the test data. Training involves optimizing the model's parameters using the Adam optimizer and minimizing the categorical crossentropy loss. Model performance is assessed using accuracy metrics and confusion matrices.
To use the project, follow these steps:
- Clone the repository to your local machine.
- Install the required dependencies mentioned in the
requirements.txt
file. - Run the provided Jupyter notebooks or Python scripts to train and evaluate the IDS models.
- Experiment with different hyperparameters and architectures to improve model performance.
Contributions to this project are welcome. If you encounter any issues or have suggestions for improvements, please open an issue or submit a pull request on GitHub.
This project is licensed under the Apache License - see the LICENSE file for details.
© 2024 ALI BAYANI