International Journal of Open Information Technologies

The relevance of solving the problem of choosing machine learning models for detecting anomalies in the Internet of Things network traffic is related to the need to analyze a large number of security events to identify abnormal behavior of smart devices. The purpose of the study was to develop and research software for detecting abnormal traffic in the Internet of Things networks based on artificial neural network mechanisms. The article presents the results of the development of a neural network model and software based on it for determining abnormal traffic in the Internet of Things networks based on a multilayer perceptron. Trained on the UNSW-NB15 dataset, the multilayer perceptron uses 47 input features. At the same time, the accuracy of detecting abnormal traffic was 98.82% with a model training time of 13 ms. Also, as part of the study, a comparison of the developed model with software analogues was performed. The difference in the accuracy of anomaly detection by different models does not exceed 1%, while the model training time is significantly lower for the proposed model, which allows it to be applied in real time.

Branitskii A.A. Obnaruzhenie setevykh atak na osnove kompleksirovaniya neironnykh, immunnykh i neironechetkikh klassifikatorov / A.A. Branitskii, I.V. Kotenko // Informatsionno-upravlyayushchie sistemy. – 2015. – № 4 (77). – S. 69-77.

Moustafa N., Turnbull B., Choo K. R. An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of internet of things. IEEE Internet of Things Journal, 2019, vol. 6, no. 3, pp. 4815–4830. doi:10.1109/JIOT.2018.2871719.

Al-Garadi M. A., Mohamed A., Al-Ali A., Du X., Guizani M. A Survey of machine and deep learning methods for internet of things (IoT) security. IEEE Communications Surveys & Tutorials, 2020, vol. 22, no. 3, pp. 1646–1685. doi:10.1109/COMST.2020.2988293.

Getman A.I. Obzor metodov klassifikatsii setevogo trafika s ispol'zovaniem mashinnogo obucheniya / A.I. Getman, M.K. Ikonnikova // Trudy ISP RAN. – T. 32. – № 6. – S. 137-154.

Levshun D., Gaifulina D., Chechulin A., Kotenko I. Problematic issues of information security of cyber-physical systems. Informatics and Automation, 2020, vol. 19, no. 5, pp. 1050–1088. doi:10.15622/ia.2020.19.5.6.

Roopak M., Tian G. Y., Chambers J. Deep learning models for cyber security in IoT networks. 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC), Las Vegas, USA, 2019, pp. 0452–0457. doi:10.1109/CCWC.2019.8666588.

Dipali Gangadhar Mogal, Sheshnarayan R. Ghungrad, Bapusaheb B. Bhusare. NIDS using Machine Learning Classifiers on UNSW-NB15 and KDDCUP99 Datasets. // International Journal of Advanced Research in Computer and Communication Engineering.Vol. 6, Issue 4, April 2017. pp. 533-537.

Suvorov A.O. Intellektual'nyi analiz setevogo trafika dlya identifikatsii komp'yuternykh vtorzhenii / A.O. Suvorov, V.A. Suvorova // Zashchita informatsii i sistemy bezopasnosti. – 2019. – № 1. – S. 62-73.

Charugin V.V. Analiz i formirovanie naborov dannykh setevogo trafika dlya obnaruzheniya komp'yuternykh atak / V.V. Charugin, A.N. Chesalin // International Journal of Open Information Technologies. – 2023. – T. 11. – № 6. – S. 100-106.

Getman A.I. Metodika sbora obuchayushchego nabora dannykh dlya modeli obnaruzheniya komp'yuternykh atak / A.I. Getman, M.N. Goryunov, A.G. Matskevich // Trudy ISP RAN. – 2021. – T. 33. – № 5. – S. 83-104.