ePrints

An unsupervised approach for the detection of zero-day distributed denial of service attacks in Internet of Things networks

NU author(s): Professor Gui Yun Tian, Dr Yachao Ran

Licence

This work is licensed under a Creative Commons Attribution 4.0 International License (CC BY 4.0).


Abstract

© 2024 The Author(s). IET Networks published by John Wiley & Sons Ltd on behalf of The Institution of Engineering and Technology.

The authors introduce an unsupervised Intrusion Detection System designed to detect zero-day distributed denial of service (DDoS) attacks in Internet of Things (IoT) networks. This system can identify anomalies without needing prior knowledge or training on attack information. Zero-day attacks exploit previously unknown vulnerabilities, making them hard to detect with traditional deep learning and machine learning systems that require pre-labelled data. Labelling data is also a time-consuming task for security experts. Therefore, unsupervised methods are necessary to detect these new threats. The authors focus on DDoS attacks, which have recently caused significant financial and service disruptions for many organisations. As IoT networks grow, these attacks become more sophisticated and harmful. The proposed approach detects zero-day DDoS attacks by using random projection to reduce data dimensionality and an ensemble model combining K-means, Gaussian mixture model, and one-class SVM with a hard voting technique for classification. The method was evaluated using the CIC-DDoS2019 dataset and achieved an accuracy of 94.55%, outperforming other state-of-the-art unsupervised learning methods.


Publication metadata

Author(s): Roopak M, Parkinson S, Tian GY, Ran Y, Khan S, Chandrasekaran B

Publication type: Article

Publication status: Published

Journal: IET Networks

Year: 2024

Volume: 13

Issue: 5-6

Pages: 513-527

Online publication date: 08/10/2024

Acceptance date: 03/09/2024

Date deposited: 22/10/2024

ISSN (print): 2047-4954

ISSN (electronic): 2047-4962

Publisher: John Wiley and Sons Inc

URL: https://doi.org/10.1049/ntw2.12134

DOI: 10.1049/ntw2.12134

Data Access Statement: The data that support the findings of this study are openly available in https://www.unb.ca/cic/datasets/ddos-2019.html.

