A comparative study of novelty detection models for zero day intrusion detection in industrial Internet of Things.

Abstract

The detection of zero-day attacks in IoT networks is a challenging task because the underlying security vulnerabilities are unknown. In addition, the unavailability of data makes it difficult to train a machine learning (ML) model on new vulnerabilities. Existing supervised ML-based Intrusion Detection Systems (IDSs) are trained to detect only known attacks. In contrast, unsupervised ML-based IDSs show a high false-positive rate. In this paper, we experimented with three novelty detection algorithms, One-Class SVM (OCSVM), Local Outlier Factor (LOF), and Isolation Forest (IF), which follow the one-vs-all strategy, for zero-day intrusion detection on IoT datasets. The UNSW-NB15 and IoTID20 datasets are considered for the experiment. Experimental results show that OCSVM outperformed the other two models for zero-day intrusion or unseen anomaly detection in the IoT domain.

Open Access Institutional Repository at Robert Gordon University

Last time updated on 12/09/2024