Expert Knowledge Correlated Intrusion Detection System Evaluation Framework for Heterogeneous IoT
  • Nitish A
  • Prof.(Dr).Hanumanthapppa J
  • Shiva Prakash S.P
  • Kirill Krinkin
  • J. Hanumanthappa
Nitish A
University of Mysore

Corresponding Author:[email protected]


Abstract

The dynamic contexts of the heterogeneous Internet of Things (HetIoT) adversely affect the performance of learning-based network intrusion detection systems (NIDS), resulting in increased misclassification rates and necessitating an expert-knowledge-correlated evaluation framework. The proposed framework includes intrusion root cause analysis, a correlation model, and correlated classification metrics that can be generalized over any NID dataset, corresponding expert knowledge, detection technique, and learning-based algorithm to facilitate context-awareness in reducing false alerts. To achieve this, we perform experiments on the Bot-IoT dataset (with generalized traffic behaviors from multiple existing NID datasets), employing the Support Vector Machine (SVM) machine learning classifier and the Multilayer Perceptron (MLP) shallow neural network classifier, demonstrating the generalizability, robustness, and improved performance of the proposed framework compared to the existing literature. Furthermore, the proposed framework adds minimal processing overhead to the classifier algorithms.