AI-Based Architecture and Distributed Processing for the Detection and Mitigation of Spoofing Attacks in IoT Networks
Downloads
The exponential increase in IoT devices within industrial networks has heightened their exposure to cyberattacks, with spoofing attacks posing one of the most critical threats. These attacks exploit communication vulnerabilities, enabling malicious entities to manipulate network traffic and impersonate legitimate devices, compromising system integrity and security. This study aims to develop an AI-driven detection and mitigation system to enhance IoT network security against spoofing attacks. The proposed approach integrates Convolutional Neural Networks with a distributed processing architecture based on Edge nodes, enabling real-time anomaly detection while reducing computational overhead on central servers. The system was tested in four simulated industrial scenarios involving up to 1,000 IoT devices and multiple concurrent attacks to validate its effectiveness. The evaluation included detection accuracy, response time, and system scalability metrics. Results indicate a detection rate of up to 95% under optimal conditions and 88% in high-density environments. Detection and response times ranged from 150 ms to 220 ms and 300 ms to 450 ms, respectively. Additionally, 97% of compromised devices were successfully isolated, with a false positive rate between 3% and 6%. This study introduces a scalable and adaptive AI-based framework, surpassing traditional machine learning techniques in accuracy, efficiency, and real-time applicability for industrial IoT security.
Downloads
[1] Kathole, A. B., Vhatkar, K. N., & Patil, S. D. (2024). IoT-Enabled Pest Identification and Classification with New Meta-Heuristic-Based Deep Learning Framework. Cybernetics and Systems, 55(2), 380–408. doi:10.1080/01969722.2022.2122001.
[2] Irgat, E., Çinar, E., Ünsal, A., & Yazıcı, A. (2023). An IoT-Based Monitoring System for Induction Motor Faults Utilizing Deep Learning Models. Journal of Vibration Engineering and Technologies, 11(7), 3579–3589. doi:10.1007/s42417-022-00769-5.
[3] Olawale, O. P., & Ebadinezhad, S. (2023). The Detection of Abnormal Behavior in Healthcare IoT Using IDS, CNN, and SVM. Lecture Notes on Data Engineering and Communications Technologies, 166, 375–394. doi:10.1007/978-981-99-0835-6_27.
[4] Prathapchandran, K., & Janani, T. (2021). A trust aware security mechanism to detect sinkhole attack in RPL-based IoT environment using random forest – RFTRUST. Computer Networks, 198. doi:10.1016/j.comnet.2021.108413.
[5] Shukla, S., Thakur, S., & Breslin, J. G. (2022). Anomaly Detection in Smart Grid Network Using FC-Based Blockchain Model and Linear SVM. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics): Vol. 13163 LNCS, 157–171. doi:10.1007/978-3-030-95467-3_13.
[6] Abraham, O. A., Ochiai, H., Hossain, M. D., Taenaka, Y., & Kadobayashi, Y. (2024). Electricity Theft Detection for Smart Homes: Harnessing the Power of Machine Learning with Real and Synthetic Attacks. IEEE Access, 12, 26023–26045. doi:10.1109/ACCESS.2024.3366493.
[7] Kim, H. (2024). Sub-optimal Internet of Thing devices deployment using branch and bound method. IET Networks, 1-9. doi:10.1049/ntw2.12119.
[8] Alamatsaz, N., Tabatabaei, L., Yazdchi, M., Payan, H., Alamatsaz, N., & Nasimi, F. (2024). A lightweight hybrid CNN-LSTM explainable model for ECG-based arrhythmia detection. Biomedical Signal Processing and Control, 90. doi:10.1016/j.bspc.2023.105884.
[9] Kumar, P., Bagga, H., Netam, B. S., & Uduthalapally, V. (2022). SAD-IoT: Security Analysis of DDoS Attacks in IoT Networks. Wireless Personal Communications, 122(1), 87–108. doi:10.1007/s11277-021-08890-6.
[10] Long, Z., & Jinsong, W. (2022). A hybrid method of entropy and SSAE-SVM based DDoS detection and mitigation mechanism in SDN. Computers and Security, 115. doi:10.1016/j.cose.2022.102604.
[11] Elhag, S., Alghamdi, A. M., & Al-Shomrani, N. A. (2023). Toward an Improved Security Performance of Industrial Internet of Things Systems. SN Computer Science, 4(2), 131. doi:10.1007/s42979-022-01566-3.
[12] Maghrabi, L. A. (2024). Automated Network Intrusion Detection for Internet of Things: Security Enhancements. IEEE Access, 12, 30839–30851. doi:10.1109/ACCESS.2024.3369237.
[13] Kanwal, R., Rafaqat, W., Iqbal, M., & Weiguo, S. (2023). Data-Driven Approaches for Wildfire Mapping and Prediction Assessment Using a Convolutional Neural Network (CNN). Remote Sensing, 15(21), 5099. doi:10.3390/rs15215099.
[14] Bukhsh, M., Abdullah, S., & Bajwa, I. S. (2021). A Decentralized Edge Computing Latency-Aware Task Management Method with High Availability for IoT Applications. IEEE Access, 9, 138994–139008. doi:10.1109/ACCESS.2021.3116717.
[15] Al-Kasassbeh, M., Almseidin, M., Alrfou, K., & Kovacs, S. (2020). Detection of IoT-botnet attacks using fuzzy rule interpolation. Journal of Intelligent and Fuzzy Systems, 39(1), 421–431. doi:10.3233/JIFS-191432.
[16] Elhattab, K., & Abouelmehdi, K. (2024). Intelligent agriculture system using low energy and based on the use of the internet of things. Bulletin of Electrical Engineering and Informatics, 13(2), 1286–1297. doi:10.11591/eei.v13i2.6346.
[17] Panika, L., Maharana, V., Rao, J. K., Chandrakar, H., & Biswas, S. D. (2024). Securing the Sensitive Data Transfer in Cloud using AES and RSA Algorithms. International Journal of Research Publication and Reviews, 5(1), 867–871. doi:10.55248/gengpi.5.0124.0127.
[18] Paris, I. L. B. M., Habaebi, M. H., & Zyoud, A. M. (2023). Implementation of SSL/TLS Security with MQTT Protocol in IoT Environment. Wireless Personal Communications, 132(1), 163–182. doi:10.1007/s11277-023-10605-y.
[19] Chavoshi, H. R., Salasi, A. H., Payam, O., & Khaloozadeh, H. (2023). Man-in-the-Middle Attack Against a Network Control System: Practical Implementation and Detection. 2023 IEEE 64th International Scientific Conference on Information Technology and Management Science of Riga Technical University, ITMS 2023 – Proceedings, 10317671. doi:10.1109/ITMS59786.2023.10317671.
[20] Mvah, F., Kengne Tchendji, V., Tayou Djamegni, C., Anwar, A. H., Tosh, D. K., & Kamhoua, C. (2024). Countering ARP spoofing attacks in software-defined networks using a game-theoretic approach. Computers and Security, 139. doi:10.1016/j.cose.2023.103696.
[21] Mvah, F., Kengne Tchendji, V., Tayou Djamegni, C., Anwar, A. H., Tosh, D. K., & Kamhoua, C. (2024). GaTeBaSep: game theory-based security protocol against ARP spoofing attacks in software-defined networks. International Journal of Information Security, 23(1), 373–387. doi:10.1007/s10207-023-00749-0.
[22] Shombot, E. S., Dusserre, G., Bestak, R., & Ahmed, N. B. (2024). An application for predicting phishing attacks: A case of implementing a support vector machine learning model. Cyber Security and Applications, 2. doi:10.1016/j.csa.2024.100036.
[23] Shukla, S., Misra, M., & Varshney, G. (2024). HTTP header based phishing attack detection using machine learning. Transactions on Emerging Telecommunications Technologies, 35(1), e4872. doi:10.1002/ett.4872.
[24] Ghantous, W., Pintore, F., & Veroni, M. (2024). Efficiency of SIDH-based signatures (yes, SIDH). Journal of Mathematical Cryptology, 18(1), 20230023. doi:10.1515/jmc-2023-0023.
[25] Sewwandi, M. A. N. D., Li, Y., & Zhang, J. (2024). K-Outlier Removal Based on Contextual Label Information and Cluster Purity for Continuous Data Classification. Expert Systems with Applications, 237. doi:10.1016/j.eswa.2023.121347.
[26] Kamoun, K., Hmissi, F., Ouni, S., & Ouni, S. (2024). Improvement of MQTT semantic to minimize data flow in IoT platforms based on distributed brokers. Transactions on Emerging Telecommunications Technologies, 35(2), 4945. doi:10.1002/ett.4945.
[27] Yan, S., Zhang, P., Huang, S., Wang, J., Sun, H., Zhang, Y., & Tolba, A. (2023). Node Selection Algorithm for Federated Learning Based on Deep Reinforcement Learning for Edge Computing in IoT. Electronics (Switzerland), 12(11), 2478. doi:10.3390/electronics12112478.
[28] Ciric, V., Milosevic, M., Sokolovic, D., & Milentijevic, I. (2024). Modular deep learning-based network intrusion detection architecture for real-world cyber-attack simulation. Simulation Modelling Practice and Theory, 133. doi:10.1016/j.simpat.2024.102916.
[29] Malhotra, R., Bansal, A., & Kessentini, M. (2024). Deployment and performance monitoring of docker based federated learning framework for software defect prediction. Cluster Computing, 27(5), 6039–6057. doi:10.1007/s10586-024-04266-0.
[30] Tassi, A., Warren, D., Wang, Y., Bhamare, D., & Behravesh, R. (2024). On Optimization of Next-Generation Microservice-Based Core Networks. IEEE Transactions on Vehicular Technology, 73(6), 9199–9204. doi:10.1109/TVT.2024.3355335.
[31] Nakamura, K., Hori, K., & Hirose, S. (2021). Algebraic fault analysis of sha-256 compression function and its application. Information (Switzerland), 12(10). doi:10.3390/info12100433.
[32] Michelena, Á., Aveleira-Mata, J., Jove, E., Bayón-Gutiérrez, M., Novais, P., Romero, O. F., Calvo-Rolle, J. L., & Aláiz-Moretón, H. (2024). A novel intelligent approach for man-in-the-middle attacks detection over internet of things environments based on message queuing telemetry transport. Expert Systems, 41(2), e13263. doi:10.1111/exsy.13263.
[33] Alaghbari, K. A., Lim, H. S., Saad, M. H. M., & Yong, Y. S. (2023). Deep Autoencoder-Based Integrated Model for Anomaly Detection and Efficient Feature Extraction in IoT Networks. Internet of Things, 4(3), 345–365. doi:10.3390/iot4030016.
[34] Altulaihan, E., Almaiah, M. A., & Aljughaiman, A. (2024). Anomaly Detection IDS for Detecting DoS Attacks in IoT Networks Based on Machine Learning Algorithms. Sensors, 24(2), 713. doi:10.3390/s24020713.
[35] Shieh, C. S., Nguyen, T. T., Chen, C. Y., & Horng, M. F. (2023). Detection of Unknown DDoS Attack Using Reconstruct Error and One-Class SVM Featuring Stochastic Gradient Descent. Mathematics, 11(1), 108. doi:10.3390/math11010108.
[36] Elamparithi, P., Kalaivani, S., Vijayalakshmi, S., Keerthika, E., Koteswari, S., & Raaj, R. S. (2024). A Machine Learning Approach for Detecting DDOS Attack in IoT Network Using Random Forest Classifier. International Journal of Intelligent Systems and Applications in Engineering, 12(2s), 495–502.
[37] Canizo, M., Triguero, I., Conde, A., & Onieva, E. (2019). Multi-head CNN–RNN for multi-time series anomaly detection: An industrial case study. Neurocomputing, 363, 246–260. doi:10.1016/j.neucom.2019.07.034.
[38] Priyanga, S., Krithivasan, K., Pravinraj, S., & Shankar Sriram, V. S. (2020). Detection of Cyberattacks in Industrial Control Systems Using Enhanced Principal Component Analysis and Hypergraph-Based Convolution Neural Network (EPCA-HG-CNN). IEEE Transactions on Industry Applications, 56(4), 4394–4404. doi:10.1109/TIA.2020.2977872.
- This work (including HTML and PDF Files) is licensed under a Creative Commons Attribution 4.0 International License.
