Optimized Ensemble Classifier Based Network Intrusion Detection System for RPL Based Internet of Things

• Published in: Wireless personal communications Vol. 125; no. 4; pp. 3603 - 3626
• Main Authors: Prakash, P. Jaya, Lalitha, B.
• Format: Journal Article
• Language: English
• Published: New York Springer US 01.08.2022; Springer Nature B.V
• Subjects: Classifiers; Communications Engineering; Computer Communication Networks; Datasets; Decision trees; Deep learning; Engineering; Ensemble learning; False alarms; Feature selection; Internet of Things; Intrusion detection systems; Machine learning; Networks; Optimization; Particle swarm optimization; Performance enhancement; Routing (telecommunications); Signal,Image and Speech Processing; Simulated annealing; Support vector machines; Voting; Voting ensemble classifier; Feature selection; Internet of Things; RPL based IoT; Intrusion detection system
• ISSN: 0929-6212; 1572-834X
• DOI: 10.1007/s11277-022-09726-7

Internet of Things (IoT) is the powerful latest trend that allows communications and networking of many sources over the internet. The routing protocol for low power and lossy networks (RPL) based IoT may be exposed to many routing attacks due to resource-constrained and open nature of the IoT nodes. Hence, there is a need for network intrusion detection system (NIDS) to protect RPL based IoT networks from routing attacks. The existing techniques for anomaly-based NIDS (ANIDS) subjects to high false alarm rate (FAR). To overcome this issue, a novel bio-inspired voting ensemble classifier with feature selection technique is proposed in this paper to improve the performance of ANIDS for RPL based IoT networks. Initially, the dataset is preprocessed in three steps like cleaning, encoding and normalization. Though the dataset is imbalanced, a common method called SMOTE is applied to balance the dataset. Then feature selection is performed with hybrid approach of simulated annealing and improved Salp Swarm Optimization (SA-ISSA) to minimize the computational complexity by considering only the best features from the entire dataset. The proposed voting classifier is the ensemble of machine learning b a sed classifiers namely decision tree (DT), logistic regression (LR), K-nearest neighbor (KNN), support vector machine (SVM) and a deep learning-based classifier called bidirectional long short-term memory (Bi-LSTM). The weights of all these classifiers are optimized using hybrid approach of Particle Swarm Optimization and improved Salp Swarm Optimization (PSO-ISSA) to achieve higher attack detection rate (ADR). Thus the proposed approach can handle high FAR, imbalanced dataset and high computation cost. The performance of the proposed feature selection and classification approaches are evaluated and compared with existing methods in terms of accuracy, ADR, FAR and so on. The experiments are performed with RPL-NIDDS17 dataset that contains seven types of attack instances. The proposed ensemble classifier shows better performance with higher accuracy (96.4%), ADR (97.7%) and reduced FAR (3.6%).