
A comparison of neural-network-based intrusion detection against signature-based detection in IoT networks

  Over the last few years, a plethora of papers presenting machine-learning-based approaches for intrusion detection have been published. However, the majority of those papers do not compare their results with a proper baseline of a signature-based intrusion detection system, thus violating good machine learning practices. In order to evaluate the pros and cons of the machine-learning-based approach, we replicated a research study that uses a deep neural network model for intrusion detection. The results of our replicated research study expose several systematic problems with the used datasets and evaluation methods. In our experiments, a signature-based intrusion detection system with a minimal setup was able to outperform the tested model even under small traffic changes. Testing the replicated neural network on a new dataset recorded in the same environment with the same attacks using the same tools showed that the accuracy of the neural network dropped to 54%. Furthermore, the often-claimed advantage of being able to detect zero-day attacks could not be seen in our experiments.

Metadata
Author details:Max Schrötter, Andreas Niemann, Bettina Schnor
DOI:https://doi.org/10.3390/info15030164
ISSN:2078-2489
Title of parent work (English):Information
Publisher:MDPI Publ.
Place of publishing:Basel
Publication type:Article
Language:English
Date of first publication:2024/03/14
Publication year:2024
Release date:2024/10/17
Tag:IDS; IoT; dataset; deep learning; signature-based-IDS
Volume:15
Issue:3
Article number:164
Number of pages:26
Organizational units:Mathematisch-Naturwissenschaftliche Fakultät / Institut für Informatik und Computational Science
DDC classification:0 Computer science, information and general works / 00 Computer science, knowledge and systems / 000 Computer science, information and general works
Peer review:Peer-reviewed
Grantor:Publikationsfonds der Universität Potsdam
Publishing method:Open Access / Gold Open-Access
Listed in DOAJ
License (German):CC-BY - Attribution 4.0 International

