CGF-Deep-CNN: A Novel Computationally Enhanced Multiclass Cyber Attacks Detection Model for Low Powered IoT Ecosystem

Mishra, Sushruta, Gaber, Tarek ORCID: https://orcid.org/0000-0003-4065-4191, Tripathy, Hrudaya Kumar, Mishra, Samaresh, Al-Khalidi, Mohammed ORCID: https://orcid.org/0000-0002-1655-8514 and Bashir, Ali Kashif ORCID: https://orcid.org/0000-0001-7595-2522 (2025) CGF-Deep-CNN: A Novel Computationally Enhanced Multiclass Cyber Attacks Detection Model for Low Powered IoT Ecosystem. Human Centric Computing and Information Sciences, 15. 58.

Preview

Published Version Available under License Creative Commons Attribution Non-commercial. Download (8MB) | Preview

Abstract

Recently, heavy network traffic and significant data accumulation have been observed in smart energy-efficient wireless sensor-based applications. These power-aware sensors devices form low-power Internet of Things (IoT) ecosystem. In such applications, IoT nodes gather and analyze private data, which becomes a natural target for cyber-attacks. Many intrusion detection systems (IDSs) are designed to address this issue, but the majority of these systems are computationally expensive with high latency and fail to accurately identify subcategories of cyber-attacks. Attribute selection would help in reducing the data required for attack identification, thereby decreasing delays and memory usage for data storage, while also enhancing detection performance. In this paper, an advanced and optimized IDS model for IoT applications was proposed, utilizing a novel hybrid attribute selection method called credit gain function (CGF). This method incorporates correlation feature selection (CFS) and gain ratio. The proposed attribute selector is used to optimize the dataset through CGF, resulting in a memory-constrained dataset. By employing the proposed CFS method, a novel IDS model based on the Deep-CNN technique is recommended for detecting and classifying cyber-attacks and their sub-categories within an IoT environment. Performance analysis of the presented framework was conducted using four public datasets—IoTID20, UNSW-nb15, NSL-KDD, and KDD—under various metrics, employing different parameters for binary, multi-class, and sub-category classification. The evaluation demonstrated that the proposed IDS model is highly capable, achieving a high accuracy, precision, recall, and F-measure of 98.1%, 96.7%, 96.3%, and 96.8%, respectively. The optimal performance was attained when implementing two convolutional layers and three dense layers of the CNN model with a batch size of 64. Additionally, the presented framework was evaluated to be efficient, with a mean response delay of 2.8 seconds and a low false positive rate of 0.002%. Consequently, the proposed intrusion detection model offers a constructive solution for assessing different cyber-attacks in an IoT ecosystem.