Intelligent Machine Learning Architecture for Detecting DDoS attacks in IoT networks

Al-Hadhrami, Yahya Sulaiman Saud

Intelligent Machine Learning Architecture for Detecting DDoS attacks in IoT networks

Al-Hadhrami, Yahya Sulaiman Saud

Permalink

Publication Type:: Thesis
Issue Date:: 2020

Open Access

Copyright Clearance Process

Recently Added
In Progress
Open Access

This item is open access.

Adobe PDF

Download contents and abstractAdobe PDF (151.86 kB)

Adobe PDF

Download thesisAdobe PDF (7.21 MB)

View statistics

Full metadata record

Field	Value	Language
dc.contributor.author	Al-Hadhrami, Yahya Sulaiman Saud
dc.date.accessioned	2021-05-27T02:36:25Z
dc.date.available	2021-05-27T02:36:25Z
dc.date.issued	2020
dc.identifier.uri	http://hdl.handle.net/10453/149254
dc.description	University of Technology Sydney. Faculty of Engineering and Information Technology.	en_US.UTF-8
dc.description.abstract	The Internet of Things (IoT) is growing rapidly across a wide range of applications; one example of such an application is the smart city, in which a city’s infrastructure, such as road management, building automation, and people and crowd surveillance, is connected to the Internet. Such applications are being extended to factories, smart agriculture, and even smart devices, which are becoming very common. The rapid growth in the IoT has driven other technologies, such as 5G networks, to grow rapidly to adjust to the sheer number of devices connected to the Internet, and these technologies are expected to further expand the spread of the IoT. However, the existing IoT deployment does not come without challenges, including the large number of connected devices, security issues, and a variety of new standards. From a security perspective, IoT faces a growing threat when it comes to the availability of networks. Distributed denial of service (DDoS) attacks are one well-known threat. However, investigation of the literature shows a lack of solutions with which to tackle DDoS attacks in the IoT. To address this gap in the literature, this thesis proposes an intelligent machine-learning-based platform that can detect denial-of-service attacks, termed IDD-IoT. The proposed platform consists of several components, including building a real-time dataset generation framework to generate IoT-based datasets (IoT-DDoS) to detect malicious attacks in the IoT, allowing scientists and researchers in the field to further enhance intrusion detection systems with an up-to-date dataset. The platform then builds on the dataset generation framework, developing an intelligent machine-learning-based framework for detecting three kinds of IoT-DDoS attacks: blackhole, selective forwarding, and flooding attacks. We utilize this framework to build a novel advanced intrusion detection system (IDS) for IoT networks capable of analyzing and detecting DDoS attacks. The IDS consists of a real-time monitoring and analysis unit capable of monitoring traffic in real time with the assistance of an IDS agent that works as a communication link between the IDS and IoT network. We show that our proposed intelligent framework can efficiently detect malicious attacks in respect to security goals such as confidentiality, privacy, and availability, by building an emulated smart IoT environment using the Cooja simulation platform, and we evaluate its performance. Finally, we present the simulation and evolution results to highlight the proposed platform’s efficiency, taking into consideration the limitations associated with resource-constrained devices.	en_US.UTF-8
dc.format	Thesis (PhD)
dc.language.iso	en	en_US.UTF-8
dc.relation	https://opus.lib.uts.edu.au/bitstream/10453/149254/2/02whole.pdf
dc.rights	The author owns the copyright in this thesis including all reproduction and reuse rights for the work. The work may not be altered without the permission of the copyright owner. Attribution is essential when quoting or paraphrasing from this thesis.
dc.rights	au.edu.uts.lib/ppc
dc.rights	info:eu-repo/semantics/openAccess
dc.title	Intelligent Machine Learning Architecture for Detecting DDoS attacks in IoT networks	en_US.UTF-8
dc.type	Thesis
utslib.copyright.status	open_access	*

Abstract:

The Internet of Things (IoT) is growing rapidly across a wide range of applications; one example of such an application is the smart city, in which a city’s infrastructure, such as road management, building automation, and people and crowd surveillance, is connected to the Internet. Such applications are being extended to factories, smart agriculture, and even smart devices, which are becoming very common. The rapid growth in the IoT has driven other technologies, such as 5G networks, to grow rapidly to adjust to the sheer number of devices connected to the Internet, and these technologies are expected to further expand the spread of the IoT. However, the existing IoT deployment does not come without challenges, including the large number of connected devices, security issues, and a variety of new standards. From a security perspective, IoT faces a growing threat when it comes to the availability of networks. Distributed denial of service (DDoS) attacks are one well-known threat. However, investigation of the literature shows a lack of solutions with which to tackle DDoS attacks in the IoT. To address this gap in the literature, this thesis proposes an intelligent machine-learning-based platform that can detect denial-of-service attacks, termed IDD-IoT. The proposed platform consists of several components, including building a real-time dataset generation framework to generate IoT-based datasets (IoT-DDoS) to detect malicious attacks in the IoT, allowing scientists and researchers in the field to further enhance intrusion detection systems with an up-to-date dataset. The platform then builds on the dataset generation framework, developing an intelligent machine-learning-based framework for detecting three kinds of IoT-DDoS attacks: blackhole, selective forwarding, and flooding attacks. We utilize this framework to build a novel advanced intrusion detection system (IDS) for IoT networks capable of analyzing and detecting DDoS attacks. The IDS consists of a real-time monitoring and analysis unit capable of monitoring traffic in real time with the assistance of an IDS agent that works as a communication link between the IDS and IoT network. We show that our proposed intelligent framework can efficiently detect malicious attacks in respect to security goals such as confidentiality, privacy, and availability, by building an emulated smart IoT environment using the Cooja simulation platform, and we evaluate its performance. Finally, we present the simulation and evolution results to highlight the proposed platform’s efficiency, taking into consideration the limitations associated with resource-constrained devices.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/149254