RDTIDS: Rules and Decision Tree-Based Intrusion Detection System for Internet-of-Things Networks

Ferrag, Mohamed Amine; Maglaras, Leandros; Ahmim, Ahmed; Derdour, Makhlouf; Janicke, Helge

doi:10.3390/fi12030044

Authors

Mohamed Amine Ferrag

Prof Leandros Maglaras L.Maglaras@napier.ac.uk
Professor

Ahmed Ahmim

Makhlouf Derdour

Helge Janicke

Abstract

This paper proposes a novel intrusion detection system (IDS), named RDTIDS, for Internet-of-Things (IoT) networks. The RDTIDS combines different classifier approaches which are based on decision tree and rules-based concepts, namely, REP Tree, JRip algorithm and Forest PA. Specifically, the first and second method take as inputs features of the data set, and classify the network traffic as Attack/Benign. The third classifier uses features of the initial data set in addition to the outputs of the first and the second classifier as inputs. The experimental results obtained by analyzing the proposed IDS using the CICIDS2017 dataset and BoT-IoT dataset, attest their superiority in terms of accuracy, detection rate, false alarm rate and time overhead as compared to state of the art existing schemes.

Citation

Ferrag, M. A., Maglaras, L., Ahmim, A., Derdour, M., & Janicke, H. (2020). RDTIDS: Rules and Decision Tree-Based Intrusion Detection System for Internet-of-Things Networks. Future Internet, 12(3), Article 44. https://doi.org/10.3390/fi12030044

Journal Article Type	Article
Acceptance Date	Feb 27, 2020
Online Publication Date	Mar 2, 2020
Publication Date	2020
Deposit Date	Jan 6, 2023
Publicly Available Date	Jan 9, 2023
Journal	Future Internet
Publisher	MDPI
Peer Reviewed	Peer Reviewed
Volume	12
Issue	3
Article Number	44
DOI	https://doi.org/10.3390/fi12030044
Keywords	intrusion detection; IDS; hybrid IDS; learning machine; hierarchical; network security
Public URL	http://researchrepository.napier.ac.uk/Output/2969541