Generic placeholder image

International Journal of Sensors, Wireless Communications and Control

Author(s): Mostafa Hosseini* and Hamidreza Shayegh Brojeni

DOI: 10.2174/2210327909666190416141309

DownloadDownload PDF Flyer Cite As
Cluster-based Ensemble Classification Approach for Anomaly Detection in the Internet of Things

Page: [594 - 604] Pages: 11

  • * (Excluding Mailing and Handling)

Abstract

Background & Objective: The next generation of the internet where physical things or objects are going to interact with each other without human interventions is called the Internet of Things (IoT). Its presence can improve the quality of human lives in different domains and environments such as agriculture, smart homes, intelligent transportation systems, and smart grids.

In the lowest layer of the IoT architecture (i.e., the perception layer), there are a variety of sensors which are responsible for gathering data from their environment to provide service for customers. However, these collected data are not always accurate and may be infected with anomalies for some reasons such as limited sensor’s resources and environmental influences.

Accordingly, anomaly detection can be used as a preprocessing phase to prevent sending inappropriate data for the processing.

Methods: Since distributed characteristic and its heterogeneous elements complicate the application of anomaly detection techniques, in this paper, a cluster-based ensemble classification approach has been presented.

Results & Conclusion: Will possessing low complexity, the proposed method has high accuracy in detecting anomalies. This method has been tested on the data collected from sensors in the Intel Berkley research laboratory which is one of the free and available datasets in the domain of IoT. The results indicated that the proposed technique could achieve an accuracy of 99.9186%, a positive detection rate of 99.7459%, while reducing false positive rate and misclassification rate to 0.0025% and 0.0813% respectively.

Keywords: Anomaly detection, k-means clustering, ensemble classifiers, abnormal data, IoT, intel berkley research laboratory.

Graphical Abstract

[1]
Li S, Da Xu L, Zhao S. The internet of things: a survey. Springer Information Systems Frontiers 2014; pp. 1-17.
[2]
Al-Fuqaha A. AL-FA-Internet of things: a survey on enabling technologies, protocols, and applications. IEEE Comm Surv and Tutor 2013; 1(2): 78-95.
[3]
Yang Z, Yue Y, Yang Y, Peng Y, Wang X, Liu W. Study and application on the architecture and key technologies for IOT International Conference Multimedia Technology. ICMT 2011; pp. 747-51.
[4]
Butun I, Kantarci B, Erol-Kantarci M. Anomaly detection and privacy preservation in cloud-centric Internet of Things. IEEE Int Conf Commun Workshop 2015; pp. 2610-5.
[http://dx.doi.org/10.1109/ICCW.2015.7247572]
[5]
Fu R, Zheng K, Zhang D, Yang Y. An intrusion detection scheme based on anomaly mining in internet of things. 4th IET International Conference Wireless Mobile Multimedia Network. 315-20.
[6]
Agrawal S, Agrawal J. Survey on anomaly detection using data mining techniques. Procedia Comput Sci 2015; 60(1): 708-13.
[http://dx.doi.org/10.1016/j.procs.2015.08.220]
[7]
Haq NF, Onik AR, Hridoy MAK, Rafni M, Shah FM, Farid DM. Application of machine learning approaches in intrusion detection system: a survey. Int J Adv Res Artif Intellig 2015; 4(3): 9-18.
[8]
Yasami Y, Mozaffari SP. A novel unsupervised classification approach for network anomaly detection by k-Means clustering and ID3 decision tree learning methods. J Supercomput 2010; 53(1): 231-45.
[http://dx.doi.org/10.1007/s11227-009-0338-x]
[9]
Shrivas AK, Dewangan AK. An ensemble model for classification of attacks with feature selection based on KDD99 and NSL-KDD data set. Int J Comput Appl 2014; 99(15): 975-8887.
[10]
Farid DM, Zhang L, Hossain A, et al. An adaptive ensemble classifier for mining concept drifting data streams. Expert Syst Appl 2013; 40(15): 5895-906.
[http://dx.doi.org/10.1016/j.eswa.2013.05.001]
[11]
Sivatha SS, Geetha S, Kannan A. Decision tree based light weight intrusion detection using a wrapper approach. Expert Syst Appl 2012; 39(1): 129-41.
[http://dx.doi.org/10.1016/j.eswa.2011.06.013]
[12]
Muniyandi A P, Rajeswari R, Rajaram R. Network anomaly detection by cascading k-Means clustering and C4.5 decision tree algorithm in Procedia Engr 2011; 30(2011): 174-82..
[13]
Singh DM, Harbi N, Zahidur Rahman M. Combining naive bayes and decision tree for adaptive intrusion detection. Int J Netw Secur Appl 2010; 2(2): 12-25.
[http://dx.doi.org/10.5121/ijnsa.2010.2202]
[14]
Peddabachigari S, Abraham A, Grosan C, Thomas J. Modeling intrusion detection system using hybrid intelligent systems. J Netw Comput Appl 2007; 30(1): 114-32.
[http://dx.doi.org/10.1016/j.jnca.2005.06.003]
[15]
Sheikhan M, Bostani H. A hybrid intrusion detection system for internet of things. 8th Symp Telecomm. 2395-4396.
[16]
Liu Y, Wu Q. A lightweight anomaly mining algorithm in the internet of things.IEEE 5th Int Conf Software Engr Service Sci. 1142-5..
[http://dx.doi.org/10.1109/ICSESS.2014.6933768]
[17]
Kodinariya TM, Makwana PR. Review on determining number of cluster in K-Means clustering. Int J Adv Res Comput Sci Manag Stud 2013; 1(6): 2321-7782.
[18]
Jayasimhan A, Gadge J. Anomaly detection using a clustering technique. Int J Appl Inf Syst 2012; 2(8): 5-9.
[19]
Carbonell JG. Machine learning research. ACM SIGART Bull 1981; 18(77): 29-9.
[http://dx.doi.org/10.1145/1056743.1056744]
[20]
Yassin W, Udzir NI, Muda Z. Anomaly-based intrusion detection through K-Means clustering and naives Bayes classification. Proc 4th Int Conf Comput Inform (ICOCI). 298-303.
[21]
Intel Berkeley Research lab. 2004.http://db.csail.mit.edu/labdata/labdata.html
[22]
http://db.csail.mit.edu/labdata/labdata.html