A Cost-Sensitive Machine Learning Model With Multitask Learning for Intrusion Detection in IoT

Akbar Telikani; Nima Esmi Rudbardeh; Shiva Soleymanpour; Asadollah Shahbahrami; Jun Shen; Georgi Gaydadjiev; Reza Hassanpour

doi:10.1109/TII.2023.3314208

A Cost-Sensitive Machine Learning Model With Multitask Learning for Intrusion Detection in IoT

Akbar Telikani^*, Nima Esmi Rudbardeh, Shiva Soleymanpour, Asadollah Shahbahrami, Jun Shen, Georgi Gaydadjiev, Reza Hassanpour

^*Corresponding author for this work

Research output: Contribution to journal › Article › Academic › peer-review

3 Citations (Scopus)

208 Downloads (Pure)

Abstract

A problem with machine learning (ML) techniques for detecting intrusions in the Internet of Things (IoT) is that they are ineffective in the detection of low-frequency intrusions. In addition, as ML models are trained using specific attack categories, they cannot recognize unknown attacks. This article integrates strategies of cost-sensitive learning and multitask learning into a hybrid ML model to address these two challenges. The hybrid model consists of an autoencoder for feature extraction and a support vector machine (SVM) for detecting intrusions. In the cost-sensitive learning phase for the class imbalance problem, the hinge loss layer is enhanced to make a classifier strong against low-distributed intrusions. Moreover, to detect unknown attacks, we formulate the SVM as a multitask problem. Experiments on the UNSW-NB15 and BoT-IoT datasets demonstrate the superiority of our model in terms of recall, precision, and F1-score averagely 92.2%, 96.2%, and 94.3%, respectively, over other approaches.

Original language	English
Pages (from-to)	3880-3890
Number of pages	11
Journal	Ieee transactions on industrial informatics
Volume	20
Issue number	3
Early online date	2-Oct-2023
DOIs	https://doi.org/10.1109/TII.2023.3314208
Publication status	Published - Mar-2024

Keywords

Costs
Deep learning (DL)
Internet of Things
Internet of things (IoT)
intrusion detection
Intrusion detection
Mathematical models
multitask learning
support vector machine (SVM)
Support vector machines
Task analysis
Training

Access to Document

10.1109/TII.2023.3314208

A Cost-Sensitive Machine Learning Model With Multitask Learning for Intrusion Detection in IoTFinal publisher's version, 1.66 MBLicence: Taverne

Handle.net

Persistent link

Cite this

@article{c45dd297ffe04e55bb3dc619690bd4a2,

title = "A Cost-Sensitive Machine Learning Model With Multitask Learning for Intrusion Detection in IoT",

abstract = "A problem with machine learning (ML) techniques for detecting intrusions in the Internet of Things (IoT) is that they are ineffective in the detection of low-frequency intrusions. In addition, as ML models are trained using specific attack categories, they cannot recognize unknown attacks. This article integrates strategies of cost-sensitive learning and multitask learning into a hybrid ML model to address these two challenges. The hybrid model consists of an autoencoder for feature extraction and a support vector machine (SVM) for detecting intrusions. In the cost-sensitive learning phase for the class imbalance problem, the hinge loss layer is enhanced to make a classifier strong against low-distributed intrusions. Moreover, to detect unknown attacks, we formulate the SVM as a multitask problem. Experiments on the UNSW-NB15 and BoT-IoT datasets demonstrate the superiority of our model in terms of recall, precision, and F1-score averagely 92.2%, 96.2%, and 94.3%, respectively, over other approaches.",

keywords = "Costs, Deep learning (DL), Internet of Things, Internet of things (IoT), intrusion detection, Intrusion detection, Mathematical models, multitask learning, support vector machine (SVM), Support vector machines, Task analysis, Training",

author = "Akbar Telikani and Rudbardeh, {Nima Esmi} and Shiva Soleymanpour and Asadollah Shahbahrami and Jun Shen and Georgi Gaydadjiev and Reza Hassanpour",

note = "Publisher Copyright: IEEE",

year = "2024",

month = mar,

doi = "10.1109/TII.2023.3314208",

language = "English",

volume = "20",

pages = "3880--3890",

journal = "Ieee transactions on industrial informatics",

issn = "1551-3203",

publisher = "IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC",

number = "3",

}

TY - JOUR

T1 - A Cost-Sensitive Machine Learning Model With Multitask Learning for Intrusion Detection in IoT

AU - Telikani, Akbar

AU - Rudbardeh, Nima Esmi

AU - Soleymanpour, Shiva

AU - Shahbahrami, Asadollah

AU - Shen, Jun

AU - Gaydadjiev, Georgi

AU - Hassanpour, Reza

N1 - Publisher Copyright: IEEE

PY - 2024/3

Y1 - 2024/3

N2 - A problem with machine learning (ML) techniques for detecting intrusions in the Internet of Things (IoT) is that they are ineffective in the detection of low-frequency intrusions. In addition, as ML models are trained using specific attack categories, they cannot recognize unknown attacks. This article integrates strategies of cost-sensitive learning and multitask learning into a hybrid ML model to address these two challenges. The hybrid model consists of an autoencoder for feature extraction and a support vector machine (SVM) for detecting intrusions. In the cost-sensitive learning phase for the class imbalance problem, the hinge loss layer is enhanced to make a classifier strong against low-distributed intrusions. Moreover, to detect unknown attacks, we formulate the SVM as a multitask problem. Experiments on the UNSW-NB15 and BoT-IoT datasets demonstrate the superiority of our model in terms of recall, precision, and F1-score averagely 92.2%, 96.2%, and 94.3%, respectively, over other approaches.

AB - A problem with machine learning (ML) techniques for detecting intrusions in the Internet of Things (IoT) is that they are ineffective in the detection of low-frequency intrusions. In addition, as ML models are trained using specific attack categories, they cannot recognize unknown attacks. This article integrates strategies of cost-sensitive learning and multitask learning into a hybrid ML model to address these two challenges. The hybrid model consists of an autoencoder for feature extraction and a support vector machine (SVM) for detecting intrusions. In the cost-sensitive learning phase for the class imbalance problem, the hinge loss layer is enhanced to make a classifier strong against low-distributed intrusions. Moreover, to detect unknown attacks, we formulate the SVM as a multitask problem. Experiments on the UNSW-NB15 and BoT-IoT datasets demonstrate the superiority of our model in terms of recall, precision, and F1-score averagely 92.2%, 96.2%, and 94.3%, respectively, over other approaches.

KW - Costs

KW - Deep learning (DL)

KW - Internet of Things

KW - Internet of things (IoT)

KW - intrusion detection

KW - Intrusion detection

KW - Mathematical models

KW - multitask learning

KW - support vector machine (SVM)

KW - Support vector machines

KW - Task analysis

KW - Training

UR - http://www.scopus.com/inward/record.url?scp=85174825183&partnerID=8YFLogxK

U2 - 10.1109/TII.2023.3314208

DO - 10.1109/TII.2023.3314208

M3 - Article

AN - SCOPUS:85174825183

SN - 1551-3203

VL - 20

SP - 3880

EP - 3890

JO - Ieee transactions on industrial informatics

JF - Ieee transactions on industrial informatics

IS - 3

ER -

A Cost-Sensitive Machine Learning Model With Multitask Learning for Intrusion Detection in IoT

Abstract

Keywords

Access to Document

Handle.net

Other files and links

Fingerprint

Cite this