1 s2.0 S2542660519301957 Main PDF
1 s2.0 S2542660519301957 Main PDF
1 s2.0 S2542660519301957 Main PDF
Journal Pre-proof
PII: S2542-6605(19)30195-7
DOI: https://doi.org/10.1016/j.iot.2019.100112
Reference: IOT 100112
Please cite this article as: Nagaraj Balakrishnan, Arunkumar Rajendran, Danilo Pelusi,
Vijayakumar Ponnusamy, Deep Belief Network enhanced Intrusion Detection System
to Prevent Security Breach in the Internet of Things, Internet of Things (2019), doi:
https://doi.org/10.1016/j.iot.2019.100112
This is a PDF file of an article that has undergone enhancements after acceptance, such as the addition
of a cover page and metadata, and formatting for readability, but it is not yet the definitive version of
record. This version will undergo additional copyediting, typesetting and review before it is published
in its final form, but we are providing this version to give early visibility of the article. Please note that,
during the production process, errors may be discovered which could affect the content, and all legal
disclaimers that apply to the journal pertain.
Nagaraj Balakrishnan
Karpagam College of Engineering, India, mailto:nagaraj@kce.ac.in,
Arunkumar Rajendran
Karpagam College of Engineering, India, mailto:arunece.r@gmail.com, Danilo
Pelusi
University of Teramo, Italy, mailto:dpelusi@unite.it, Vijayakumar Ponnusamy
Karpagam College of Engineering, India, mailto:vijay.pvk72@gmail.com
Abstract
Internet of Things (IoT) is a new age technology, developed with the vision
to connect and interconnect all the objects everywhere. This technology en-
ables an overwhelming smartness, which helps the humankind in many ways.
Connecting the objects around us, make them communicate with each other
towards a mission of intelligent healthcare, safety, Industrial processing appli-
cations. As the Internet of things involved in many various entities and diverse
applications, that the vulnerability to unauthorized access is much higher. To-
day, cyber-attacks faced by the communication networks are very strong and
critically alarming. This research represents an intelligent technique or method-
ology to defend the security breach, developed with the enhancement of Deep
Learning algorithms(Deep Belief Network), i.e., Deep Belief Network. This in-
telligent intrusion detection methodology scrutinizes the malicious activity that
is active inside the network, and one tries to get its entry. In this paper, the
investigation of embedding the Deep learning methodology is discussed. The
DBN enhancement to the security network is compared with standard DGAs
and IDS algorithms, and the results are analyzed.
1. Introduction
2
zero vulnerability to the cyber-attacks should be ensured. Even many govern-
ment departments (Department of Homeland Security) is concerned about the
30 security in IoT [8, 9, 10]. They prescribed the manufactures to imply many
security protocols. The greatest challenge in front of manufacturer, technicians,
and users to implant and tighten the security protocol is the nature of the IoT
technology. It is heterogeneous the end system interconnected have different
characteristics which take the contract of one device to misfit to others(each
35 method has its security levels and permissions). IoT manufacturers often man-
ufacture the machines for the specific application and technicians, or end-user
decides where to use them, which creates a gap between the manufacturer and
the end-user towards privacy management[10]. Many industries are manufac-
turing the IoT components with the concern of quality and not in a single
40 standard, which is also a significant reason behind the complexity[12]. Also,
the critical factor behind this difficulty is that the security process is expensive
in terms of computation requirements [13]. However, the nature of IoT imple-
mentation is its low computation and memory consumption (including battery
backup utility)strategies [14]. The threats such as injection, spoofing, denial of
45 services, and many more attacks use the wireless networks for its action [15].
These threats are highly dynamical, which tends to steal, control the things
and entities connected with it. Attacking an IoT platform which is available, is
not much of a difficult task for these threats, as the flexibility of IoT towards
is hardware and software is high [16]. This paper represents the research on
50 a different approach to equip the security and privacy needed for the entity,
network, and the end-user an investigation of the usage of machine learning
methodology to detect threats or unusual activities (anomalies). Recently the
machine learning approach has a breakthrough which enables the research to-
wards a new dimension such as the algorithm entitled Deep Learning Methods
55 [3]. Section-II gives the literature survey on the IoT its security enhancements.
Section -III provides the details on Deep Belief Network (DBN), Section-IV de-
scribes Systematic operation of the DBN in cyber-attack Control and Section-V
gives the details on the results and its discussions.
3
2. Literature Surey
4
analyze the anemology and take decision accordingly [22]. The author used the
90 Constrained Application Protocol (CoAP) to detect the anomalies occurring.
On the other hand, the Fuzzy logic is also used to prevent the attack, in which
the membership function was formed according to the issues happening. Nowa-
days, the cloud environment has become more convenient that is build which
highly secured protocols which can be utilized for the IoT storage and analytics
95 [23]. Also, some researchers proposed a methodology and developed the IDS to
use machine learning platform, which is sufficient; however, resource consuming.
An immune system designed with this action in sacrifices of more power con-
sumption along with the usage of high computation power[24]. The limitation
of IDS is suppressed by the Feature Dimension detection methodology and the
100 Clustering algorithms (such as Fuzzy C Means algorithm) [25].
As per the above literature survey, it is clear that the uncertain nature is
so high as the personal attacks the network. The usage of machine learning
may solve the problem of, but still, the performance of standard ANN is not
enough to solve the problem. So to avoid the hazard of being attacked, stolen,
105 and controlled by strangers, the Deep Learning method can be used, which is
more advanced and capable of taking the best decision that the traditional ANN
methods.
5
Figure 1: Graphical structure of Restricted Boltzmann Machine
is cable of handling the nonlinear situations, but the lack is deciding as confident
as the human brain, whereas the DL algorithms are developed to understand
120 the features and make a decision like human-brain. There are many types of
DL algorithms, but in this case, the Deep Belief Network is used for the classi-
fication as its nature of classification process suits the applications. During the
process of training and learning the data in the input, the DBN preprocess the
data to filter its noises fits the data, which is invariant ranges. The process of
125 normalization avoids the decision to be misguided. DBN can use the strategy
of probabilistically reconstruct the inputs, so the layer itself represents those
feature detectors [29, 30, 31].
6
Figure 2: Architecture of Deep Belief Network (DBN)
. Through the energy function, the free energy formulas are derived given by
[34]
P P
F (V ) = −b0 V − log eHLi (Ci +Wi V ) (2)
i Hi
140 . Where W is weighted acts as connecting medium for hidden layer and visible
layer. b, c are assigned as an offset of visible as well as hidden layers respectively
The hidden layer is always independent of other layers in any condition When
RBM follows the probability distribution functions, the nature of the signal can
be sinusoidal
145 P (HLi = 1—V ) = sigm (ci + Wi V ) (3)
P (Vj = 1—HL) = sigm bj + W 0j HL (4)
150 . With the equ. (5), the hidden layer is capable of capturing the directional
information of the data (higher order correlation), where the edge extracted data
can be used for any application training process. As the RBM communicates the
features and learning knowledge to the other RBM, the network deeply learns
the direction information of a data[28].
7
Figure 3: Systematic flow of DBN for Intrusion Detection
. Deep Belief Neural (DBN) is a promising algorithm which takes the dataset/
cases of the attack to get trained and decision accordingly. In general, the ANN
consists of directed and Undirected graph during the training process inspired
by biological neuron with synapses and neurons. In which DBN follows the
160 same procedures
. A shown in fig.3 the systematic flow of DBN for the intrusion detection has
the output target layer (Also known as binary - classifier layer). As per the
DBN architecture, the inputs are taken with the preprocessing that fetches the
relevant primary data. The training process involves the process of feeding the
165 experience of the network, such as the details on the attack were used. After
the first input layer, the features are recognized into different forms and fed
to the next hidden layer. The number of the hidden layers depends on the
application, and the default section can be modified suitably to the use before
the training starts. Like the second layer, the third layer also fetches the data for
170 the process of learning[35]. The output layer maps the target decision provided
through classification. As the output layer of the network is binary decision
network, logical 0 assigned for the secure network and the logical 1 mapped
for the intrusion detection. This binary classifier confirms the activity of the
8
stranger who enters the system. The binary cross-entropy reduces the total cost
175 of the network. Until the satisfactory results are achieved, the DBN is trained
with different values. The training of the systems is made with separating the
data set into 60 percent for qualifying the network, 30 percentage for testing
the web, and finally ten percentage for validation. If the performance is not
achieved after a long training process, the Cross-Validation is made with the
180 different combination of mixing training and testing data[36, 37, 38, 39, 40].
• The Features, collected from the input of the anomalies and normal con-
ditions. Pre-processing is made to normalize the data and to extract the
significant features from the raw. So that maximum dimensions of the
data can be reduced.
185 • From the Selected features the partition is made for the separation of the
T raind ata and T estd ata.
• Using the T raind ata, the training for the DBN is started, and the recursive
190 iterations are made until the required performance is achieved.
• Using the T estd ata, the testing process is initiated to understand the
performance of the trained network.
. As per the architecture, the IDS keeps the attacks in check using the knowl-
edge learned by the DBN.
9
Figure 4: Architecture of IDS with DBN
. The IDS methodology enhanced with DBN algorithm is trained under var-
ious situations of the attack and evaluated for its performance analysis. The
parameter of concern for maintaining security and privacy is Recall, Precision,
and F1 Score. There three mandatory metrics have to be analyzed to decide
205 the quality of the methodology. The Precision is given by P, which is given by
the Miss and False hit ratio of the proposed method.
T ruepositive
P = T ruepositive +F alsepositive
. The Metric Recall is given by TPR, which gives the fraction of positive clas-
sification that is labeled correctly plotted in P.R. Space.
T ruepositive
TPR =
T ruepositive + F alsenegative
210 . Finally, F1 Score, which defines the balance between the Precision and the
recall also represents the harmonics of the IDS towards the performance of the
10
Figure 5: Classification by IDS Based DBN for various attacks
detection system.
2 × P × TPR
F1 =
(P + T P R)
. With the analysis for various attacks, it is found that IDS (as shown in fig.5)
give promising results when it comes to the standard attacks and lacks minimal
215 deviation for another type of attacks. Here the Precision and Recall metrics
of the attacks are measured using the abovementioned formulas. The F1-Score
calculated based on the miss and false hit ratio. As the Dos attacks are very
familiar to many of the prevention algorithms, the accuracy of that increased
and lacks for other types of attacks. The proposed algorithms are compared
11
220 with the existing methodology DGA (Domain Generation Algorithms) for the
accurate measurement for the same kind of attacks.
. As shown in table-2, The demonstration for the various DGA is made on the threats
such as Dos Attempt, Overflow Attempt, SSH Brute Force Login, Suspicious DNS
query, Cache Poisoning attempt, Malware infection and compared with the proposed
225 algorithm. Most of the DGA’s F1 Score is above 0.85. During the comparison, it is
found that the proposed algorithms need improvement, which processed by improving
the data set used for the training. As per the nature of the DBN, the dataset used for
the training can improve the performance.
Thus the IDS-DBN is compared and analyzed with various algorithms for the new
230 generation secured IoT Devices.
6. Conclusion
Even though the Internet of Things (IoT) emerges as the new generation technol-
ogy, its limitation in terms of security and privacy is high. To utilize an overwhelming
smartness around the humankind, the IoT needs to be secured, and it should assure the
235 users that the technology to be safe. There are many algorithms, protocol, and soft-
ware to secure the network, but still, the system seems vulnerable to the cyber-attacks.
In this paper, we proposed an algorithmic hybridization of IDS with DBN. The process
enables a new possibility to drive the network securely, even in an uncertain situation.
This intelligent intrusion detection methodology scrutinizes the malicious activity that
240 is active inside the web and tries to create a diversion or breaching it. After the analy-
sis through comparison, it is noted that the proposed algorithm needs to be improved
12
for the standard as well as unpredicted breaches. In the future, the collection towards
many anomaly datasets is collected to train the DBN for more promising outcomes.
References
245 [1] Vermesan, Ovidiu, Arne Brring, Elias Tragos, Martin Serrano, Davide Bacciu,
Stefano Chessa, Claudio Gallicchio et al. ”Internet of robotic things: converging
sensing/actuating, hypoconnectivity, artificial intelligence, and IoT Platforms.”
(2017): 97-155.
[2] Rathore, M. Mazhar, Awais Ahmad, Anand Paul, and Seungmin Rho. ”Urban
250 planning and building smart cities based on the internet of things using big data
analytics.” Computer Networks 101 (2016): 63-80.
[3] Lee, In, and Kyoochun Lee. ”The Internet of Things (IoT): Applications, invest-
ments, and challenges for enterprises.” Business Horizons 58, no. 4 (2015): 431-440.
[4] Minoli, Daniel, Kazem Sohraby, and Benedict Occhiogrosso. ”IoT considerations,
255 requirements, and architectures for smart buildingsEnergy optimization and next-
generation building management systems.” IEEE Internet of Things Journal 4, no.
1 (2017): 269-283.
[6] Alaba, F.A., Othman, M., Hashem, I.A.T., and Alotaibi, F., 2017. Internet of
Things security: A survey. Journal of Network and Computer Applications, 88,
pp.10-28.
265 [7] Sfar, A.R., Natalizio, E., Challal, Y. and Chtourou, Z., 2018. A roadmap for secu-
rity challenges in the Internet of Things. Digital Communications and Networks,
4(2), pp.118-137.
[8] Hu, Pengfei, Huansheng Ning, Tie Qiu, Houbing Song, Yanna Wang, and Xuanxia
Yao. ”Security and privacy preservation scheme of face identification and resolution
13
270 framework using fog computing in internet of things.” IEEE Internet of Things
Journal 4, no. 5 (2017): 1143-1155.
[9] Puthal, D., Nepal, S., Ranjan, R. and Chen, J., 2016. Threats to networking cloud
and edge datacenters in the Internet of Things. IEEE Cloud Computing, 3(3),
pp.64-71.
275 [10] Sicari, Sabrina, Alessandra Rizzardi, Luigi Alfredo Grieco, and Alberto Coen-
Porisini. ”Security, privacy and trust in Internet of Things: The road ahead.”
Computer networks 76 (2015): 146-164.
[11] Li, Shancang, Li Da Xu, and Shanshan Zhao. ”5G Internet of Things: A survey.”
Journal of Industrial Information Integration10 (2018): 1-9.
280 [12] Alrawais, Arwa, Abdulrahman Alhothaily, Chunqiang Hu, and Xiuzhen Cheng.
”Fog computing for the internet of things: Security and privacy issues.” IEEE
Internet Computing 21, no. 2 (2017): 34-42.
[13] Borgohain, Tuhin, Uday Kumar, and Sugata Sanyal. ”Survey of security and
privacy issues of internet of things.” arXiv preprint arXiv:1501.02211 (2015).
285 [14] Li, Shancang, Li Da Xu, and Shanshan Zhao. ”The internet of things: a survey.”
Information Systems Frontiers 17, no. 2 (2015): 243-259.
[15] Farooq, Muhammad Umar, Muhammad Waseem, Anjum Khairi, and Sadia
Mazhar. ”A critical analysis on the security concerns of internet of things (IoT).”
International Journal of Computer Applications 111, no. 7 (2015).
290 [16] Maple, Carsten. ”Security and privacy in the internet of things.” Journal of Cyber
Policy 2, no. 2 (2017): 155-184.
[17] Booth, Todd, and Karl Andersson. ”DNS DDoS Mitigation, via DNS Timer De-
sign Changes.” In International Conference on Future Network Systems and Secu-
rity, pp. 43-55. Springer, Cham, 2017.
14
[19] Minoli, D. and Occhiogrosso, B., 2018. Blockchain mechanisms for IoT security.
300 Internet of Things, 1, pp.1-13.
[20] Le, Anhtuan, Jonathan Loo, Kok Chai, and Mahdi Aiash. ”A specification-based
IDS for detecting attacks on RPL-based network topology.” Information 7, no. 2
(2016): 25.
[21] Kasinathan, P.; Costamagna, G.; Khaleel, H.; Pastrone, C.; Spirito, M.A. DEMO:
305 An IDS Framework for Internet of Things Empowered by 6LoWPAN. In Pro-
ceedings of the 2013 ACM SIGSAC Conference on Computer & Communications
Security, Berlin, Germany, 48 November 2013.
[22] Danda, Jagan Mohan Reddy, and Chittaranjan Hota. ”Attack identification
framework for IoT devices.” In Information Systems Design and Intelligent Ap-
310 plications, pp. 505-513. Springer, New Delhi, 2016.
[24] Sari, Arif. ”A review of anomaly detection systems in cloud networks and survey
315 of cloud security measures in cloud storage applications.” Journal of Information
Security 6, no. 02 (2015): 142.
[25] Islam, Md, Md Hasan, Xiaoyi Wang, and Hayley Germack. ”A systematic review
on healthcare analytics: Application and theoretical perspective of data mining.”
In Healthcare, vol. 6, no. 2, p. 54. Multidisciplinary Digital Publishing Institute,
320 2018.
[26] Nagaraj B. and Vijayakumar P. Tuning of a PID controller using soft comput-
ing methodologies Applied to Basis Weight Control in Paper Machine. Journal of
Korean Technical Association of Pulp and Paper Industry Vol. 43, No.3, pp. 1-10,
2011.
325 [27] Conti, Mauro, Ali DehghanChen, Yushi, Xing Zhao, and Xiuping Jia. ”Spec-
tralspatial classification of hyperspectral data based on deep belief network.” IEEE
Journal of Selected Topics in Applied Earth Observations and Remote Sensing 8,
no. 6 (2015): 2381-2392.
15
[28] tanha, Katrin Franke, and Steve Watson. ”Internet of Things security and foren-
330 sics: Challenges and opportunities.” (2018): 544-546.
[29] Pelusi, Danilo, Raffaele Mascella, and Luca Tallini. ”Revised gravitational search
algorithms based on evolutionary-fuzzy systems.” Algorithms 10.2 (2017): 44.
[31] Pelusi, Danilo, Massimo Tivegna, and Pierluigi Ippoliti. ”Improving the profitabil-
ity of technical analysis through intelligent algorithms.” Journal of interdisciplinary
mathematics 16.2-3 (2013): 203-215.
[33] Lee, Kanghyo, Donghyun Kim, Dongsoo Ha, Ubaidullah Rajput, and Heekuck
Oh. ”On security and privacy issues of fog computing supported Internet of Things
environment.” In 2015 6th International Conference on the Network of the Future
345 (NOF), pp. 1-3. IEEE, 2015.
[34] Wang, H. Z., G. B. Wang, G. Q. Li, J. C. Peng, and Y. T. Liu. ”Deep belief
network based deterministic and probabilistic wind speed forecasting approach.”
Applied Energy 182 (2016): 80-93.
[35] B.Nagaraj, P.Vijayakumar, Controller Tuning For Industrial Process-A Soft Com-
350 puting Approach, Int. J. Advance. Soft Comput. Appl., Vol. 4, No. 2, July 2012
[37] Pelusi, Danilo. ”Designing neural networks to improve timing performances of in-
355 telligent controllers.” Journal of Discrete Mathematical Sciences and Cryptography
16.2-3 (2013): 187-193.
16
[38] Nisi, K., B. Nagaraj, and A. Agalya. ”Tuning of a PID controller using evolu-
tionary multi-objective optimization methodologies and application to the pulp
and paper industry.” International Journal of Machine Learning and Cybernetics
360 (2018): 1-11.
[39] Pelusi, Danilo, and Massimo Tivegna. ”Optimal trading rules at hourly frequency
in the foreign exchange markets.” Mathematical and Statistical Methods for Ac-
tuarial Sciences and Finance. Springer, Milano, 2012. 341-348.
[40] Pelusi D., Mascella R., Tallini L., Nayak J., Naik B., Abraham A., ”Neural Net-
365 work and Fuzzy System for the tuning of Gravitational Search Algorithm param-
eters”, Expert Systems with Applications, Vol. 102, 234-244, 2018.
17
Deep Belief Network enhanced Intrusion Detection
System to Prevent Security Breach in the Internet of
Things?
1. Conflict of Interest