DoS Attack Detection Framework on IoT Devices using Machine Learning Approaches.
Intrusion Detection System for IoT; Machine Learning; Near Real Time Detection; DoS attack.
The Internet of Things is one of the most important paradigms of the last years, because its main characteristic is the possibility of merging the real world with the virtual world, using the concept of “things”. On the one hand, it presents a great convenience in our daily lives, revolutionizing the communication between people and objects. On the other hand, the vulnerabilities presented and the attacks that have occurred indicate that this technology remains an expectation for the future, thus submerging the benefits it could provide us. In this paper, we propose a framework for real time intrusion detection system in IoT devices, where the DoS attacks will be detected, identified, and classified, following the present literature. For this purpose, machine learning is used to identify attacks through anomalies that occurred in monitoring IoT devices on the ELK suite with the Wazuh plugin. The first experimental result with the NSL-KDD dataset show our proposal's efficiency, with 91.90% accuracy, 0.9217 precision, 0.9190 recall, and 0.9168 F1-score. The second experimental result with real time syn flood attack, created by metasploit, show accuracy of 99,89%, precision of 1.0000, recall of 0.9953, F1-Score of 0.9977.