Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
6.8
3.9
Journals
Sensors
Special Issues
Intrusion Detection Systems for IoT
sensors-logo
Submit to Special Issue Submit Abstract to Special Issue Review for Sensors Propose a Special Issue

Journal Menu

Journal Menu

Journal Browser

Journal Browser
share announcement

Intrusion Detection Systems for IoT

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: 24 May 2024 | Viewed by 6907

Special Issue Editors

Dr. Firooz Saghezchi

E-Mail Website
Guest Editor
Chair for Distributed Signal Processing, RWTH Aachen University, Kopernikusstraße 16, 52074 Aachen, Germany
Interests: mobile networks; NR; 6G; IoT; machine learning; security; intrusion detection systems; resource allocation
Special Issues, Collections and Topics in MDPI journals
Dr. Georgios Mantas

E-Mail Website
Guest Editor
Faculty of Engineering and Science, University of Greenwich, Chatham Maritime ME4 4TB, UK
Interests: IoT security; 6G security; intrusion detection systems; risk-based authentication; privacy-preserving authentication
Prof. Dr. Jonathan Rodriguez

E-Mail Website
Guest Editor
Faculty of Computing, Engineering and Science, University of South Wales, Pontypridd CF37 1DL, UK
Interests: MIMO; mmWave; mobile networks; 6G; IoT; resource allocation; cybersecurity
Special Issues, Collections and Topics in MDPI journals
Dr. Behrouz Zolfaghari

E-Mail Website
Guest Editor
Graduate School of Information, Since and Technology, Osaka University, Osaka, Japan
Interests: VLSI design; discrete mathematics; cryptography; high-performance computing
Dr. Pedro Pinto

E-Mail Website
Guest Editor
Instituto Politécnico de Viana do Castelo, 4900-347 Viana do Castelo, Portugal
Interests: IoT; wireless and mobile networks; network and system security
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

IoT is prevalent in our daily lives. There are currently two connected IoT devices per capita worldwide, and by 2025, this number will be doubled. Meanwhile, in some countries, including USA, South Korea, Japan, and Western European countries, there are already 10 connected IoT devices per capita. IoT devices collect tremendous amount of sensitive data through smart sensors (e.g., video cameras, radar, lidar, wearables, etc.) and analyze either locally or in the cloud to provide, for example, insights about human health, traffic congestion, road safety, and air, water and product quality. In addition, IoT helps businesses (e.g., utilities, farms, and manufacturers) to manage their assets more effectively and increase their productivity. However, the limited computation and storage power of IoT devices and their specific communication protocols largely render conventional security solutions inappropriate. Furthermore, in many cases, the low-cost nature of IoT devices makes security an afterthought. Consequently, they have become an easy and attractive target for attackers, causing not only privacy concerns but also financial losses and physical damages that may risk human life.

Intrusion Detection Systems (IDSs) can play a crucial role in safeguarding IoT systems against cyberattacks by creating a second wall of defense, complementing conventional preventive security measures (e.g., authentication, authorization, and encryption). In general, IDSs can be divided into four main categories, depending on the detection mechanism used: 1) signature-based, 2) anomaly-based, 3) specification-based, and 4) hybrid.

The signature-based IDSs rely on pattern matching techniques to detect known attacks whose signatures/patterns are already stored in their internal databases. Although being fast, accurate and effective to detect known attacks, signature-based IDSs are susceptible to generate false negatives for new attacks whose signatures have not been stored in their databases. In contrast, anomaly-based IDSs construct a model for normal behavior and any observation considerably deviating from this model is considered as an anomalous behavior and an alert is generated. The main advantage of anomaly-based IDSs is their capability to detect zero-day attacks though they may generate a large number of false positives, due to the fact that new benign activities can be seen as anomalies. Similar to anomaly-based IDSs, specification-based IDSs aim to detect attacks by identifying deviations from the normal behavior. However, in specification-based IDSs, a human expert should manually define the rules of each specification, leading to lower false positive rates in comparison with the anomaly-based IDSs. On the other hand, specification-based IDSs can be error-prone and time-consuming. Finally, hybrid IDSs integrate concepts of the other three types of IDSs to exploit their strengths and reduce the impact of their weaknesses.

In this context, this Special Issue seeks the submission of original and unpublished contributions on IDS for IoT. The topics of interest include, but are not limited to:

  • Intrusion detection and prevention systems for IoT;
  • Machine learning for intrusion detection in IoT;
  • Deep learning for intrusion detection in IoT;
  • Datasets for IoT intrusion detection systems;
  • IDS architectures for IoT;
  • Network-based IDS for IoT;
  • Host-based IDS for IoT;
  • Federated learning for IoT intrusion detection;
  • Collaborative IDS for IoT;
  • Cloud-based IDS for IoT;
  • Hybrid IDS architecture for IoT;
  • IDS for smart health monitoring;
  • IDS for intelligent transportation systems;
  • IDS for smart manufacturing;
  • IDS for smart grids;
  • IDS for smart buildings;
  • IDS for smart city infrastructures;
  • IDS for precision farming;
  • IDS for IoT-based environmental monitoring;
  • IDS for cyber-physical systems.

Dr. Firooz Saghezchi
Dr. Georgios Mantas
Prof. Dr. Jonathan Rodriguez
Dr. Behrouz Zolfaghari
Dr. Pedro Pinto
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • IoT security
  • secure monitoring
  • cyber-physical security
  • intrusion detection system (IDS)
  • signature-based IDS
  • anomaly-based IDS
  • specification-based IDS
  • IDS datasets

Published Papers (3 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

21 pages, 3903 KiB  
Article
End-to-End Network Intrusion Detection Based on Contrastive Learning
by Longlong Li, Yuliang Lu, Guozheng Yang and Xuehu Yan
Sensors 2024, 24(7), 2122; https://doi.org/10.3390/s24072122 - 26 Mar 2024
Viewed by 436
Abstract
The network intrusion detection system (NIDS) plays a crucial role as a security measure in addressing the increasing number of network threats. The majority of current research relies on feature-ready datasets that heavily depend on feature engineering. Conversely, the increasing complexity of network [...] Read more.
The network intrusion detection system (NIDS) plays a crucial role as a security measure in addressing the increasing number of network threats. The majority of current research relies on feature-ready datasets that heavily depend on feature engineering. Conversely, the increasing complexity of network traffic and the ongoing evolution of attack techniques lead to a diminishing distinction between benign and malicious network behaviors. In this paper, we propose a novel end-to-end intrusion detection framework based on a contrastive learning approach. We design a hierarchical Convolutional Neural Network (CNN) and Gated Recurrent Unit (GRU) model to facilitate the automated extraction of spatiotemporal features from raw traffic data. The integration of contrastive learning amplifies the distinction between benign and malicious network traffic in the representation space. The proposed method exhibits enhanced detection capabilities for unknown attacks in comparison to the approaches trained using the cross-entropy loss function. Experiments are carried out on the public datasets CIC-IDS2017 and CSE-CIC-IDS2018, demonstrating that our method can attain a detection accuracy of 99.9% for known attacks, thus achieving state-of-the-art performance. For unknown attacks, a weighted recall rate of 95% can be achieved. Full article
(This article belongs to the Special Issue Intrusion Detection Systems for IoT)
Show Figures

Figure 1

20 pages, 2883 KiB  
Article
Deep Learning-Inspired IoT-IDS Mechanism for Edge Computing Environments
by Abdulaziz Aldaej, Tariq Ahamed Ahanger and Imdad Ullah
Sensors 2023, 23(24), 9869; https://doi.org/10.3390/s23249869 - 16 Dec 2023
Cited by 1 | Viewed by 1083
Abstract
The Internet of Things (IoT) technology has seen substantial research in Deep Learning (DL) techniques to detect cyberattacks. Critical Infrastructures (CIs) must be able to quickly detect cyberattacks close to edge devices in order to prevent service interruptions. DL approaches outperform shallow machine [...] Read more.
The Internet of Things (IoT) technology has seen substantial research in Deep Learning (DL) techniques to detect cyberattacks. Critical Infrastructures (CIs) must be able to quickly detect cyberattacks close to edge devices in order to prevent service interruptions. DL approaches outperform shallow machine learning techniques in attack detection, giving them a viable alternative for use in intrusion detection. However, because of the massive amount of IoT data and the computational requirements for DL models, transmission overheads prevent the successful implementation of DL models closer to the devices. As they were not trained on pertinent IoT, current Intrusion Detection Systems (IDS) either use conventional techniques or are not intended for scattered edge–cloud deployment. A new edge–cloud-based IoT IDS is suggested to address these issues. It uses distributed processing to separate the dataset into subsets appropriate to different attack classes and performs attribute selection on time-series IoT data. Next, DL is used to train an attack detection Recurrent Neural Network, which consists of a Recurrent Neural Network (RNN) and Bidirectional Long Short-Term Memory (LSTM). The high-dimensional BoT-IoT dataset, which replicates massive amounts of genuine IoT attack traffic, is used to test the proposed model. Despite an 85 percent reduction in dataset size made achievable by attribute selection approaches, the attack detection capability was kept intact. The models built utilizing the smaller dataset demonstrated a higher recall rate (98.25%), F1-measure (99.12%), accuracy (99.56%), and precision (99.45%) with no loss in class discrimination performance compared to models trained on the entire attribute set. With the smaller attribute space, neither the RNN nor the Bi-LSTM models experienced underfitting or overfitting. The proposed DL-based IoT intrusion detection solution has the capability to scale efficiently in the face of large volumes of IoT data, thus making it an ideal candidate for edge–cloud deployment. Full article
(This article belongs to the Special Issue Intrusion Detection Systems for IoT)
Show Figures

Figure 1

26 pages, 3255 KiB  
Article
Intrusion Detection System CAN-Bus In-Vehicle Networks Based on the Statistical Characteristics of Attacks
by Junaid Khan, Dae-Woon Lim and Young-Sik Kim
Sensors 2023, 23(7), 3554; https://doi.org/10.3390/s23073554 - 28 Mar 2023
Cited by 6 | Viewed by 3884
Abstract
For in-vehicle network communication, the controller area network (CAN) broadcasts to all connected nodes without address validation. Therefore, it is highly vulnerable to all sorts of attack scenarios. This research proposes a novel intrusion detection system (IDS) for CAN to identify in-vehicle network [...] Read more.
For in-vehicle network communication, the controller area network (CAN) broadcasts to all connected nodes without address validation. Therefore, it is highly vulnerable to all sorts of attack scenarios. This research proposes a novel intrusion detection system (IDS) for CAN to identify in-vehicle network anomalies. The statistical characteristics of attacks provide valuable information about the inherent intrusion patterns and behaviors. We employed two real-world attack scenarios from publicly available datasets to record a real-time response against intrusions with increased precision for in-vehicle network environments. Our proposed IDS can exploit malicious patterns by calculating thresholds and using the statistical properties of attacks, making attack detection more efficient. The optimized threshold value is calculated using brute-force optimization for various window sizes to minimize the total error. The reference values of normality require a few legitimate data frames for effective intrusion detection. The experimental findings validate that our suggested method can efficiently detect fuzzy, merge, and denial-of-service (DoS) attacks with low false-positive rates. It is also demonstrated that the total error decreases with an increasing attack rate for varying window sizes. The results indicate that our proposed IDS minimizes the misclassification rate and is hence better suited for in-vehicle networks. Full article
(This article belongs to the Special Issue Intrusion Detection Systems for IoT)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-3
Back to TopTop