Lightweight intrusion detection of attacks on the Internet of Things (IoT) in critical infrastructures.

Abstract

Critical Infrastructures (CI) are essential for various aspects of human activities, spanning across different sectors. However, the integration of Internet of Things (IoT) devices into CI has introduced a new dimension to security challenges due to IoT vulnerabilities. Traditional Machine Learning (ML) and Deep Learning (DL) approaches have proven to offer promising results in detecting intrusions; however, their computational demands make them impractical for resource-constrained IoT devices. This study proposes an Optimized Common Features Selection and Deep Autoencoder (OCFSDA) technique for lightweight intrusion detection, which is computationally efficient and cost-effective for the IoT. The OCFSDA was achieved by leveraging Shallow Deep Learning to develop a lightweight intrusion detection model suitable for IoT devices. The key contributions of this research, as contained in this thesis, are highlighted as follows. 1) Feature Selection and Augmentation: Initial experiments with various machine learning algorithms on smart grid datasets revealed challenges with class imbalance, requiring data augmentation. Moreover, feature selection was essential to reduce dimensionality, but single techniques produced suboptimal results. To address this, an ensemble of feature selection techniques was employed to generate a common feature subset compatible with multiple learning algorithms. 2) Deep Autoencoder-based Feature Extraction: The Common Feature Technique (CFT) subset underwent feature extraction using LSTM Autoencoder, resulting in a bottleneck layer of 5 nodes. These extracted features were then subjected to Shallow Deep Learning, evaluated, pruned, and deparameterized. 3) Resilience Against Adversarial Attacks: Adversarial training with semi-supervised learning enhanced the OCFSDA model's resilience against adversarial attacks. The model was further optimized using quantization techniques. 4) Performance Evaluation: Experimental results using benchmark IoT datasets (MQTT-IoT-IDS2020, CICIDS2017) on both Windows and Raspberry Pi 4 platforms demonstrated impressive performance. The OCFSDA model achieved high overall accuracy (99% and 97% on respective datasets) with significantly reduced execution times (0.30s and 0.12s) and memory usage (2KB). Moreover, the model exhibited robustness against adversarial attacks, outperforming benchmark models in terms of accuracy and recall. Overall, the proposed OCFSDA model offers a promising solution for lightweight intrusion detection in IoT devices, addressing computational constraints while ensuring high performance and resilience against cyber threats.