A Model-agnostic XAI Approach for Developing Low-cost IoT Intrusion Detection Dataset
-
Published:2023-12-21
Issue:2
Volume:6
Page:74-88
-
ISSN:1658-7790
-
Container-title:Journal of Information Security and Cybercrimes Research
-
language:
-
Short-container-title:JISCR
Author:
Gyamfi Enoch Opanin1, Qin Zhiguang1, Adu-Gyamfi Daniel2, Danso Juliana Mantebea1, Browne Judith Ayekai3, Adom Dominic Kwasi4, Botchey Francis Effirim1, Opoku-Mensah Nelson1
Affiliation:
1. School of Information and Software Engineering (SISE), University of Electronic Science and Technology of China, Sichuan Province, P.R. China. 2. Department of Cyber Security and Computer Engineering Technology (DCSCET), School of Computing and Information 3. School of Computer Science and Engineering (SCSE), University of Electronic Science and Technology of China (UESTC), Sichuan Province, P.R. China. 4. Department of Cyber Security and Computer Engineering Technology (DCSCET), School of Computing and Information Sciences (SCIS), C.K. Tedam University of Technology and Applied Sciences (CKT-UTAS), Navrongo, Ghana
Abstract
This study tackles the significant challenge of generating low-cost intrusion detection datasets for Internet of Things (IoT) camera devices, particularly for financially limited organizations. Traditional datasets often depend on costly cameras, posing accessibility issues. Addressing this, a new dataset was developed, tailored for low-cost IoT devices, focusing on essential features. The research employed an Entry/Exit IoT Network at CKT-UTAS, Navrongo, a Ghanaian University, showcasing a feasible model for similar organizations. The study gathered location and other vital features from low-cost cameras and a standard dataset. Using the XGBoost machine learning algorithm, the effectiveness of this approach for cybersecurity enhancement was demonstrated. The implementation included a model-agnostic eXplainable AI (XAI) technique, employing Shapley Additive Explanations (SHAP) values to interpret the XGBoost model's predictions. This highlighted the significance of cost-effective features like Flow Duration, Total Forward Packets, and Total Length Forward Packet, in addition to location data. These features were crucial for intrusion detection using the new IoT dataset. Training a deep-learning model with only these features maintained comparable accuracy to using the full dataset, validating the practicality and efficiency of the approach in real-world scenarios.
Funder
National Natural Science Foundation of China
Publisher
Naif Arab University for Security Sciences
Subject
Materials Chemistry,Economics and Econometrics,Media Technology,Forestry
Reference25 articles.
1. Ucci, D., Aniello, L., & Baldoni, R. (2019). Survey of machine learning techniques for malware analysis. Computer Security, 81, 123-147. https://doi.org/10.1016/j.cose.2018.11.001 2. Gumusbas, D., Yldrm, T., Genovese, A., & Scotti, F. (2021). A comprehensive survey of databases and deep learning methods for cybersecurity and intrusion detection systems. IEEE Systems Journal, 15(2), 1717–1731. https://doi.org/10.11090/JSYST-.2020.2992966. 3. Donida L., R., Genovese, A., Piuri, V., Scotti, F., & Vishwakarma, S. (2020). Computational intelligence in cloud computing. In L. Kovács, T. Haidegger, & A. Szakál (Eds.), Recent Advances in Intelligent Engineering (pp. 111–127). Springer. https://doi.org/10.1007/978-3-030-14350-3_6. 4. Shiravi, A., Shiravi, H., Tavallaee, M., & Ghorbani, A. A. (2012). Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Computers & Security, 31(3), 357-374 5. G. Creech (2014), Developing a high-accuracy cross platform host-based intrusion detection system capable of reliably detecting zero-day attacks (Doctoral dissertation), University of New South Wales (UNSW) Sydney, Australia
Cited by
1 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
|
|