Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Enhancing IoT Security with CNN and LSTM-Based Intrusion Detection Systems

Afrah Gueriani, Hamza Kheddar, Ahmed Cherif Mazari

TL;DR

This work tackles the challenge of securing IoT networks by proposing a CNN-LSTM hybrid intrusion detection system that leverages CNNs for spatial feature extraction and LSTMs for temporal pattern modeling to classify traffic as benign or malicious. The model is trained and tested on the CICIoT2023 dataset and further evaluated on CICIDS2017 to assess generalization, achieving an accuracy of about 98.4% with a low loss and a false-positive rate around 9.17%. The study reports strong per-class performance and ROC-based discrimination, and it demonstrates superior performance relative to several state-of-the-art methods across the evaluated datasets. The findings suggest that CNN-LSTM-based IDSs can offer robust, transferable security for IoT deployments, with potential for real-time edge deployment and extension to multi-class threat scenarios.

Abstract

Protecting Internet of things (IoT) devices against cyber attacks is imperative owing to inherent security vulnerabilities. These vulnerabilities can include a spectrum of sophisticated attacks that pose significant damage to both individuals and organizations. Employing robust security measures like intrusion detection systems (IDSs) is essential to solve these problems and protect IoT systems from such attacks. In this context, our proposed IDS model consists on a combination of convolutional neural network (CNN) and long short-term memory (LSTM) deep learning (DL) models. This fusion facilitates the detection and classification of IoT traffic into binary categories, benign and malicious activities by leveraging the spatial feature extraction capabilities of CNN for pattern recognition and the sequential memory retention of LSTM for discerning complex temporal dependencies in achieving enhanced accuracy and efficiency. In assessing the performance of our proposed model, the authors employed the new CICIoT2023 dataset for both training and final testing, while further validating the model's performance through a conclusive testing phase utilizing the CICIDS2017 dataset. Our proposed model achieves an accuracy rate of 98.42%, accompanied by a minimal loss of 0.0275. False positive rate(FPR) is equally important, reaching 9.17% with an F1-score of 98.57%. These results demonstrate the effectiveness of our proposed CNN-LSTM IDS model in fortifying IoT environments against potential cyber threats.

Enhancing IoT Security with CNN and LSTM-Based Intrusion Detection Systems

TL;DR

This work tackles the challenge of securing IoT networks by proposing a CNN-LSTM hybrid intrusion detection system that leverages CNNs for spatial feature extraction and LSTMs for temporal pattern modeling to classify traffic as benign or malicious. The model is trained and tested on the CICIoT2023 dataset and further evaluated on CICIDS2017 to assess generalization, achieving an accuracy of about 98.4% with a low loss and a false-positive rate around 9.17%. The study reports strong per-class performance and ROC-based discrimination, and it demonstrates superior performance relative to several state-of-the-art methods across the evaluated datasets. The findings suggest that CNN-LSTM-based IDSs can offer robust, transferable security for IoT deployments, with potential for real-time edge deployment and extension to multi-class threat scenarios.

Abstract

Protecting Internet of things (IoT) devices against cyber attacks is imperative owing to inherent security vulnerabilities. These vulnerabilities can include a spectrum of sophisticated attacks that pose significant damage to both individuals and organizations. Employing robust security measures like intrusion detection systems (IDSs) is essential to solve these problems and protect IoT systems from such attacks. In this context, our proposed IDS model consists on a combination of convolutional neural network (CNN) and long short-term memory (LSTM) deep learning (DL) models. This fusion facilitates the detection and classification of IoT traffic into binary categories, benign and malicious activities by leveraging the spatial feature extraction capabilities of CNN for pattern recognition and the sequential memory retention of LSTM for discerning complex temporal dependencies in achieving enhanced accuracy and efficiency. In assessing the performance of our proposed model, the authors employed the new CICIoT2023 dataset for both training and final testing, while further validating the model's performance through a conclusive testing phase utilizing the CICIDS2017 dataset. Our proposed model achieves an accuracy rate of 98.42%, accompanied by a minimal loss of 0.0275. False positive rate(FPR) is equally important, reaching 9.17% with an F1-score of 98.57%. These results demonstrate the effectiveness of our proposed CNN-LSTM IDS model in fortifying IoT environments against potential cyber threats.
Paper Structure (8 sections, 4 equations, 1 figure, 2 tables)

This paper contains 8 sections, 4 equations, 1 figure, 2 tables.

Table of Contents

  1. Introduction
  2. Literature review
  3. proposed methodology
  4. Experimentation, results and discussion
  5. Dataset exploration
  6. Performance metrics
  7. Results
  8. Conclusion

Figures (1)

  • Figure 3: Accuracy and loss model during the training phases. (a): train and validation losses. (b) training and validation accuracies.