IRAQI JOURNAL OF COMPUTERS, COMMUNICATIONS, CONTROL AND SYSTEMS ENGINEERING

Hackerscanconductmoredestructivecyber-attacksthankstotherapidspread of Internet of Things (IoT) devices, posing significant security risks for users. Through a malicious process, the attacker intended to exhaust the capital of the target IoT network. Researchers and company owners are concerned about the reliability of IoT networks, which is taken into account because it has a significant impact on the delivery of facilities provided by IoT systems and the security of user groups. The intrusion prevention system ensures that the network is protected by detecting malicious activity. In this paper, the focus is on predicting attacks and distinguishing between normal network use and network exploitation for intrusion and network attack and we will use Swarm Intelligence (SI) which is one of the types of artificial intelligence (AI) that we harness to choose features to determine the task of them and specifically we will use an algorithm Meerkat Clan (MCA) for this purpose, as this research suggested a modified IDS in machine learning (ML) based IoT environments to identify features and these features will be input into Random Forest algorithm. The IoTID20 dataset is used where nominal traits are removed, so the final dataset contains 79 traits. The data set contains three categories: the label that identifies whether it is a natural use or exploitation, the category that characterizes the type of exploitation, and the subcategory that describes that exploitation more accurately. The number of trees in a random forest (RF) classifier for binary, class, and subclass will be determined by the experiment. The trained classifier is then tested and the approach achieves 100% accuracy for binary target prediction, 96.5% for category and accuracy ranges of 83.7% for sub-category target prediction. The proposed system is evaluated and compared with previous systems and its performance is shown through the use of confusion matrix and others.

Abstract - This research proposes “Integrated Network Intrusion Detection System (INIDS)” which is NIDS for wire/wireless networks. INIDN consider features of the three layers; transport and Internet layers for wire and data link layer for wireless. The proposal is a Data Mining (DM)-based INIDS, which trained over a labeled wire and wireless datasets (each transaction labeled normal, intrusion name or unknown), INIDS is a hybrid IDS (anomaly and misuse). INIDS, train and construct two separated proposed models these are, Wire-NIDS and Wireless-NIDS then integrate the two models to build the final INIDS. Wire-NIDS use NSL-KDD dataset; use Principle Component Analysis (PCA) as a feature extraction, and use Support Vector Machine (SVM) with Artificial Neural Network (ANN) as classifiers. Wireless-NIDS use proposed Wdataset dataset, use Gain Ratio (GR) as feature selection, and use Naïve Bayesian (NB) as a classifier. The results obtained from executing the proposed INIDS model showing that Wire-NIDS and Wireless-NIDS classifier accuracy and detection rate is generally higher with the subset of features obtained by PCA (8 from 41) and GR (8 from 17) than with all sets of features. Proposed confusion matrix of INIDS gives less confusion in detection rates with reduced features.

Keywords: IDS, SVM, ANN, NB, PCA, and GR.