Securing the IoT System of Smart City against Cyber Threats Using Deep Learning

Research Article Securing the IoT System of Smart City against Cyber Threats Using Deep Learning Tanzila Saba,1 Amjad Rehman Khan,1 Tariq Sadad , 2 and Seng-phil Hong 3 1 Articial Intelligence & Data Analytics Lab (AIDA) CCIS, Prince Sultan University, Riyadh, Saudi Arabia 2 Department of Computer Science & Software Engineering, International Islamic University, Islamabad, Pakistan 3 HANCOM, Seongnam-si, Republic of Korea Correspondence should be addressed to Seng-phil Hong; hsphill88@gmail.com Received 25 September 2021; Accepted 17 May 2022; Published 26 June 2022 Academic Editor: Daqing Gong Copyright © 2022 Tanzila Saba et al.  is is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.  e idea of a smart city is to connect physical objects or things with sensors, software, electronics, and Internet connectivity for data communication through the Internet of  ings (IoT) devices. IoT enhances productivity and ecacy intelligently using remote management, but the risk of security and privacy increases. Cyber threats are advancing day by day, causing insucient measures of security and condentiality. As the hackers use the Internet, several IoT vulnerabilities are introduced, demanding new security measures in the IoT devices of the smart city.  e threads concerned with IoT need to be reduced for ecient Intrusion Detection Systems (IDSs). As a result, machine learning algorithms generate correct outputs from a large and complicated dataset.  e output of machine learning could be used to detect anomalies in IoT-network systems.  is paper employed several machine learning classiers and a deep learning model for intrusion detection using seven datasets of the TON_IoT telemetry dataset.  e proposed IDS achieved an accuracy of 99.7% using  ermostat, GPS Tracker, Garage Door, and Modbus datasets via voting classier. 1. Introduction A smart city is an architecture composed of data and communication technologies to create, deploy, and eventually support advancement to oversee cities and address the challenges of urbanization smartly and viably.  e main focus in the smart city is to connect various objects to transmit the data intelligently. Multiple countries have presented such smart city ideas to utilize the resources and manage urbanization growth eectively.  e information and communication technologies (ICTs) can be deployed to accomplish the fulllment of smart cities, especially the Internet of  ings (IoT), which is most important for effective operations [1]. IoT requires an Internet source for communication with other objects, nodes, and applications over the cloud to get information on their adjacent object. IoT devices led to extensive utilization in an advanced healthcare environment, connecting patients and doctors to extend healthcare services intelligently. In smart healthcare, mostly integration of clinical decision support systems is deployed.  e IoT-based system guarantees to provide costeective solutions to the healthcare domain [2]. Since it is used in everyday life, IoT is often referred to as the Internet of People (IoP) from individuals to organizations. As a result, the number of connected devices is increasing all over the world. Many sensors are used in embedded systems to gather real-time data from physical objects from afar. We can create intelligent decision systems and eectively manage IoT environments using the data obtained from the sensors.  e link of commonly used real-world gadgets to the Internet, on the other hand, often poses concerns about cybersecurity risks. As a result, organizations and countries are concerned about the safety of IoT devices against anomalies.  e required actions must include physical and cybersecurity steps and conrmation of protection against signicant IoT architecture attacks. To protect and guard against attacks from infected IoT devices, intelligent intrusion detection techniques for IoT devices must be designed Hindawi Discrete Dynamics in Nature and Society Volume 2022, Article ID 1241122, 9 pages https://doi.org/10.1155/2022/1241122 and built. However, many intrusion detection devices require a significant amount of computing power and energy [3]. 1.1. Motivation and Contributions. New threats regularly arise because IoT devices run in an embedded and interdependent setting. Furthermore, since IoTdevices are always left unattended, a malicious attacker may gain access to them. Since IoT devices are usually connected to cellular networks [4], eavesdropping may reach privately held information from the contact platform. Aside from these security concerns, IoT systems cannot continue to have sophisticated security measures due to their limited energy and processing capacity. To secure IoT applications from cyber-attacks, another line of defense should be installed into IoT networks. AI-based systems have recently gained credibility in a common framework for detecting network attacks, such as IoT networks. IoT sensors and network traffic should be logged and analyzed to learn standard patterns. When a person’s behavior deviates from the ordinary, this is a sign of irregular behavior. ,ese methods have also been checked to predict emerging risks, developing a set of IoT interfaces and network security protocols. ,e main contributions of this research are detailed as follows: (a) A deep-learning based approach with current databases is employed to categorize the attacks (b) A safeguard is introduced for the IoT network’s reputation and ensures that it is only available to approved users (c) A basis for incorporating IDS into an IoT-based system as an application is proposed. 2. Related Work IoT networks face additional security challenges than conventional computer systems due to a variety of reasons. Firstly, IoT systems are incredibly complex in processors, platforms, communication methods, and protocols. Secondly, to bind physical objects, IoT systems comprised of Internet-connected modules and control devices are used. ,irdly, there are no well-established limits of IoT schemes, which often shift due to the versatility of users and computers. Fourthly, they will be physically endangered by IoT structures or a part of them. Fifthly, limited resources make it impossible to incorporate advanced security techniques and applications on IoT computers. Finally, because of the exponential expansion of IoT-based computers, those networks could be vulnerable to attacks on privacy and protection [5, 6]. Several tools and applications have been created to mitigate network attacks by detecting inconsistencies in the IoT environment using machine-learning and deep-learning techniques. Several state-of-the-art strategies for classifying these anomalies using machine learning techniques in the IoT infrastructure have been reported in the literature. Nonetheless, deep learning methods have been used for the same reason by a few. Deep learning methods have proved to be the best state of the art for pattern matching, and they can detect any input in an IoT system as true or false. Signaturebased techniques, specification-based methods, anomalybased tactics, and mixed strategies are the four main types of ID attacks [1]. Signature-based methods start by looking for correlations between a set of network data and a function database. If the scanned data suits the signature record, the data would be considered illegal. It is helpful to determine the type of attack precisely. It is a low-labor-intensive project with little demand. ,ey encourage machine managers to define rules and thresholds in advance. ,e same rules will be followed. IDS detects the current system and network status. ,e IDS will detect an abnormal state and react appropriately once the threshold is exceeded or the rules are violated [6]. Anomaly-based methods aim to figure out which phenomena are abnormal and which are not. ,e main advantage of using this method is to detect potentially new intrusions. However, its one disadvantage is prone to false positives. Machine learning algorithms are currently being studied in anomaly-based intrusion detection methods to improve their advantages. Machine learning algorithms can monitor active activity and equate it to known intrusion footprints to identify potential attacks using anomaly-based intrusion detection techniques. In a hybrid approach, multiple recognition techniques are used in the same scheme. ,is solution would eliminate the current limitations of a single mechanism and increase the overall stability of the IoT method. ,e wholly developed IDS, on the other hand, would be extremely large and complicated. ,e technique will become more complex as a result, and more capital will be required. In addition, intrusion detection can be time and expense-consuming due to the many protocols involved [7]. Vigneswaran et al. [8] developed an anomalybased IDS that functions in traditional networks and trains and tests the model using the KDDCup99 dataset. ,e proposed solution has an accuracy of 95% and should be adopted. However, they use the KDDCup99 dataset, which lacks homogeneous data and few specific records, making reliable findings challenging to come by. Ajaeiya et al. [9] advocated for anomaly-based IDS that only uses network functionality. ,e R-tree algorithm outperforms the other machine learning models with a 99.5 percent true positive rate and a 0.001 percent false-positive rate. ,eir results showed how effective mathematical algorithms like Random Forest could be. ,eir dataset, on the other hand, is not a test that raises questions about its validity. Abubakar et al. [10] proposed an SDN-compatible identification tool. ,ey had a signature-based ID and an anomaly-based ID that were trained and tested on the NSLKDD dataset. ,e detection precision is higher than 97.4%. Intrusions observed solely by anomaly detection, on the other hand, cannot be distinguished from those detected by signature detection. Tang and Kapitnov et al. [11] suggested a protocol for connected networks that uses blockchain technologies to facilitate peer-to-peer communication. ,e protocol ensures the communication mechanism’s protection and manages 2 Discrete Dynamics in Nature and Society variability in working states. Currently, researchers are looking at turning blockchain into a multiagent system. Li et al. [12] suggested an enhanced method for extracting IoT data features to detect IDS for smart cities using deep migration learning.  ey have said that their plan would compensate for the lack of an appropriate training set.  ey also claimed that their approach yielded higher detection rates at high performance than conventional approaches and signicantly reduced clustering time. Arshad et al. [3] suggested a new intrusion prevention scheme for IoT systems with limited resources. As a result, intrusion protection is disabled for IoT devices and the edge router. To browse network packets, IoT devices are used as IDS nodes. It can only receive raw packets from the host router node, which contain condential data. For genuine time-destroying behavior in domestic IoT gadgets, Anthi et al. [7] proposed three-layer IDS architecture.  e protection layers in this architecture dene intrusion for IoT systems based on their normal or irregular behavior. 2.1. reats in IoT. IoT signies a heterogeneous environment of sensing devices connecting over the Internet [13].  e threads associated with IoT dier from the conventional networks because it has limited computational power and memory. Furthermore, IoT devices utilize insecure wireless communication media, that is, 802.15.4, LoRa, ZigBee, and 802.11ac. Moreover, IoT devices lack standard operating systems, dierent formats, and application-specic functionality, due to which standard security protocol is dicult to develop [14]. All these shortcomings cause various types of security and privacy threats. In addition, the communicating IoT devices are mostly multivendor, demanding a reliable tool to act as a bridge [15]. Various research works have highlighted the issue of software updates to billions of IoT devices [16].  erefore, the detection of threats and challenges associated with IoTbased systems is signicant during the design and implementation of the security measures for IoT machines. Internet Engineering Task Force (IETF) has recognized various IoT threats [17], such as man-in-the-middle (MiTM) attack, Denial of Service (DoS) attack, replacement of rmware with malicious code, privacy threats, and eavesdropping attacks.  e basic ideas of security and privacy rotate about the Availability of the network, Condentiality, and Integrity of data. Any unauthorized access of data may cause a breach of availability, condentiality, or integrity.  us, privacy threat is a concern with the privacy of the data, while security threads in¨uence the integrity of the data and availability of the network. Figure 1 illustrates dierent privacy and security threats associated with IoT devices. 2.2. Security reats 2.2.1. Denial of Service (DoS). DoS is a common and basic implementation of security threats that could be utilized against an IoT device. DoS attack is a preferred tool for intruders due to the low-security features in many IoT devices. DoS attack happens when the attackers take control to make a device unavailable.  e main aim of a DoS attack is to down the network by sending illegal requests.  e advanced type of the DOS is referred to as Distributed DoS (DDoS), where several attacks are involved in a single target [18]. Dierent kinds of DDoS attacks are used, but all of them have the same objective.  e most common of attack’s type is a Botnet attack in an IoT network [19]. 2.2.2. Man-in-the-Middle (MiTM).  ese attack approaches are considered old enough in the cyber world [20]. Sybil attacks, message tamper, and spoong can be classied as MiTM attacks. IP spoong, DNS spoong, ARP Spoong, and HTTPS spoong are the common attacks of spoong. 2.2.3. Malware. Malicious software is also known as malware. It exists either in the trojan horse, worm, spyware, virus, malvertising, or rootkit [21]. A few examples that are suered from malware are healthcare devices, vehicular sensors, and smart home products. 2.3. Privacy reats.  e users and their data are comprised in the IoT devices are inference attacks, sning, and deanonymization. 2.3.1. Man-in-the-Middle (MiTM). As we know, there are two types of MITM attacks, one is active and the other is passive.  e passive MiTM attacks silently listen to the transfer of data among two devices.  is attack does not change the data but violates privacy only. After accessing a device, an intruder can watch silently for a couple of days before attempting the attack.  e increasing numbers of IoT devices such as smartphones, toys, and wristwatches produce a high impact of passive MiTM attack sning and eavesdropping. Similarly, active MiTM attacks are included in harming the data. For example, a client will communicate with the server, possibly connecting with the MiTM attacker, who is personating to be the server, as illustrated in Figure 2. 2.3.2. Data Privacy. It is concerned with data leakage [22], identity theft, data tampering, and reidentication [23]. Data tempering is used to alter the data and it can be categorized IoT Attacks Confidentiality Privacy Threads Eavesdropping Sniffing Data Leakage... DDoS, Spoofing Worms, Virus, Botnet.... Security Threads Integrity Availability Figure 1: Privacy and security of IoT threats. Discrete Dynamics in Nature and Society 3 as an active attack of data privacy. Similarly, data leakage and reidentication are an example of passive attacks of data privacy. To summarize, an IoT-based system is not fully secure because it facilitates the users to access their data without any trouble. But on the other side, it provides an insecure atmosphere for the attackers to access any network segment. Various ways of the threats are depicted in Figure 3, through which IoT-based systems may compromise.  us, users should be aware of all these security weaknesses to protect themselves from cyber threats. Various methods are employed to reduce cyber threats. Most recently, AI-based system has been used to classify network trac on a large setup. 3. Materials and Methods Various machine learning algorithms, including deep learning models, are utilized to nd network attacks. In the proposed system, the rst data balancing is performed through the Minority Oversampling Technique (SMOTE) method [24] to avoid overtting.  en, random forest, voting classier (ensemble of logistic regression, random forest, and Gaussian Naive Bayes), articial neural network (ANN), and 1D CNN (convolutional neural network) are applied to nd the normal and abnormal trac in IoT environments. Figure 4 demonstrates the proposed IDS for the IoT network. 3.1. ToN-IoT Telemetry Dataset. In this work, we used a dataset known as the ToN-IoT Telemetry dataset [25], which can be retrieved at the ToN-IoT repository [26].  is dataset was gathered from various sources through Telemetry of IoT devices plus logs of operating systems and network trac of IoT-based systems.  e ToN-IoT datasets were categorized with a label of normal or attack for binary classication.  ey also included a type of subclasses: DDoS, backdoor, injection, normal, password cracking, ransomware, and Cross-site Scripting (XSS). In the Train_Test_datasets folder [26], the total number of seven datasets were evaluated for IoT devices, including Weather,  ermostat, GPS Tracker, Fridge, Garage Door, Modbus, and Motion Light.  e distribution of attacks for each dataset is presented in Figure 5. A brief description of these cyber-attacks is provided in Table 1. 3.2. Data Balancing.  e Synthetic Minority Oversampling Technique (SMOTE) method [24] is usually employed for data balancing.  e main idea of SMOTE is to create new minority cases by incorporating various minority cases that remain together. Initially, the k-nearest neighbors of all minority cases are identied.  en, minority cases are initiated on the positions among the minority cases and their knearest neighbors till the database is balanced.  us, the problem of overtting is avoided. 3.3. Classication.  e proposed model is evaluated through various machine learning algorithms and deep learning models: random forest, voting classier, ANN, and 1D CNN.  e following parameters are used during the training of classiers, as presented in Table 2. 3.4. Evaluation Criteria.  e main purpose of this model is to classify the normal and abnormal attacks based on the following outcomes, as illustrated in Table 3.  e following formulae are evaluated based on TP, TN, FP and FN as reported in Table 4. Also, confusion matrix is evaluated to demonstrate how much data is correctly and wrongly classied. 4. Results and Comparisons  e experiments are carried out using machine learning and a deep learning model on the ToN-IoTdatasets. Metrics used to evaluate the performance are accuracy, precision, recall, and F-score [31].  e highest result achieved through different classiers for each dataset is presented in Table 5. For example, the result shows that the voting classier has achieved the highest accuracy of 99.7% for the  ermostat, GPS Tracker, Garage Door, and Modbus dataset. Furthermore, these results are presented in the form of a confusion matrix, as illustrated in Table 6.  e accuracy obtained through the employed classier against each dataset is presented in Table 7.  e random Sensor IoT Threats Wireless Application Other IoT Devices Figure 3: Dimensions of IoT threats. Traffic AI-based system Normal Traffic Attack Figure 4: Overview of the proposed model. MiTM Internet Client Server Figure 2: Example of MiTM attack. 4 Discrete Dynamics in Nature and Society type ddos 0 5000 10000 15000 count 20000 25000 30000 35000 backdoor injection normal password ransomware scanning xss (a) type injection 0 5000 10000 15000 20000 25000 30000 35000 backdoor normal password ransomware scanning xss count (b) type ddos 0 5000 10000 15000 count 20000 25000 30000 35000 backdoor injection normal password ransomware scanning xss (c) type ddos 0 5000 10000 15000 count 20000 25000 30000 35000 backdoor injection normal password ransomware xss (d) type ddos 0 5000 10000 15000 count 20000 25000 30000 35000 backdoor injection normal password ransomware xss scanning (e) type 0 5000 10000 15000 count 20000 25000 30000 35000 injection backdoor normal password scanning xss (f ) Figure 5: Continued. Discrete Dynamics in Nature and Society 5 Table 1: Cyber-attacks description. Cyber-attacks Description Port scanning [27] Before initiating the actual attack, it is applied to get information about a target machine such as available services and opening ports. For this purpose, the attackers use dierent scanning tools such as nessus [28] Distributed denial of service (DDoS) It is a ¨ooding attack where an intruder usually initiates a series of malicious attempts to exhaust the system resources Ransomware It is a complex type of malware that disallows legitimate users’ access to services or systems through encryption.  e attacker tries to sell the decryption key to the access system Backdoor [29] It is a passive attack type that allows an attacker to get unauthorized access to the infected IoTdevices through backdoor malware Injection attack [30]  is attack is usually used to inject malicious data or execute malicious codes into IoT-based systems Cross-site scripting (XSS) [30]  is attack is usually used to inject malicious commands on a web server Password cracking attack [24]  e attacker uses password cracking techniques such as dictionary attacks or brute force to predict IoT machines’ passwords type ddos 0 5000 10000 count 15000 20000 25000 30000 35000 backdoor injection normal password ransomware xss scanning (g) Figure 5: (a) Attack distribution in weather dataset; (b) attack distribution in thermostat dataset; (c) attack distribution in GPS tracker dataset; (d) attack distribution in fridge dataset; (e) attack distribution in garage door dataset; (f ) attack distribution in motion light; (g) attack distribution in Modbus. Table 2: Parameters details. Name Parameter Test size 0.2 (for all classier) Number of trees 1000 (for random forest) and 500 (for majority voting) Loss Categorical cross-entropy (for ANN/CNN) Optimizer Adam (for ANN/CNN) Dropout 0.5 (for ANN/CNN) Batch size 20 (for ANN) and 128 (for CNN) Epochs 15 (for ANN) and 20 (for CNN) Table 3: Prediction outcome. Outcome Denition True negative (TN) Negative data are correctly identied True positive (TP) Positive data are correctly identied False negative (FN) Negative data are incorrectly identied False positive (FP) Positive data are incorrectly identied Table 4: Evaluation measures. Measure Formula Accuracy {(TP + TN)/(TP + FN)+(FP + TN)} Precision {TP/(TP + FP)} Recall {(TP)/(TP + FN)} F-score {(2 ∗ Precision ∗ Recall)/(Precision + Recall)} Table 5: Experimental results against each dataset. Dataset Classier Precision (%) Recall (%) F-score (%) Accuracy (%) Weather Random forest 99 99 99 99.3  ermostat Voting classier 99.8 99.8 98.9 99.7 GPS tracker Voting classier 99.8 99.8 98.9 99.7 Garage door Voting classier 99.8 99.8 98.9 99.7 Modbus Voting classier 99.8 99.8 98.9 99.7 Motion light Random forest 98 98 97 97.7 6 Discrete Dynamics in Nature and Society Table 6: Confusion matrix against each dataset. Dataset Classier Confusion matrix Weather Random forest Predicted label True label ddos backdoor injection normal password ransomware xss scanning ddos 950 5 1 0 4 3 1 0 7 971 0 0 6 2 0 2 2 2 1015 0 0 1 1 0 0 0 0 7009 0 0 0 0 8 6 4 0 1000 1 0 5 5 0 2 0 5 568 0 0 0 0 3 0 0 0 93 0 2 0 0 0 3 0 0 165 7000 6000 5000 4000 3000 2000 1000 0 Confusion matrix, without normalization backdoor injection normal password ransomware xss scanning  ermostat Voting classier Predicted label True label ddos backdoor normal password ransomware xss scanning injection 1025 5 0 0 0 0 0 0 970 0 0 0 0 0 0 0 7001 0 0 0 0 0 0 0 1013 0 0 0 0 0 0 0 458 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 80 7000 6000 5000 4000 3000 2000 1000 0 Confusion matrix, without normalization backdoor normal password ransomware xss scanning GPS tracker Voting classier Predicted label True label ddos backdoor injection normal password ransomware xss scanning ddos 975 0 0 0 0 0 0 0 0 976 0 0 0 0 0 0 0 0 1020 0 0 0 0 0 0 0 0 7022 0 0 0 0 0 0 0 0 992 0 0 0 0 0 0 0 0 584 0 0 0 0 0 0 0 0 125 0 0 0 0 0 0 0 0 98 7000 6000 5000 4000 3000 2000 1000 0 Confusion matrix, without normalization backdoor injection normal password ransomware xss scanning Garage door Voting classier Predicted label True label ddos backdoor injection normal password ransomware scanning xss ddos 955 0 0 0 0 0 0 0 980 0 0 0 0 0 0 0 1024 0 0 0 0 0 0 0 7065 0 0 0 0 0 0 0 1000 0 0 0 0 0 0 0 584 0 0 0 0 0 0 0 214 0000000 0 0 0 0 0 0 0 96 7000 6000 5000 4000 3000 2000 1000 0 Confusion matrix, without normalization backdoor injection normal password ransomware scanning xss Motion light Random forest Predicted label True label ddos backdoor injection normal password ransomware xss scanning ddos 999 0 0 0 0 0 0 0 0 971 0 0 0 0 0 0 0 0 987 0 0 0 0 0 0 0 0 7010 0 0 0 0 0 0 0 0 1002 0 258 0 0 0 0 0 0 459 0 0 0 0 0 0 12 0 98 0 0 0 0 0 0 0 0 102 7000 6000 5000 4000 3000 2000 1000 0 Confusion matrix, without normalization backdoor injection normal password ransomware xss scanning Modbus Voting classier Predicted label True label injection backdoor normal password xss scanning 965 0 0 0 0 0 0 987 0 0 0 0 0 0 7075 0 0 0 0 0 0 996 0 0 0 0 0 0 92 0 0 0 0 0 0 107 7000 6000 5000 4000 3000 2000 1000 0 Confusion matrix, without normalization injection backdoor normal password xss scanning Discrete Dynamics in Nature and Society 7 classifier achieved maximum accuracy, that is, 99.7% on various datasets of the ToN-IoT telemetry dataset. Several ways are used to protect communication protocols [32, 33] and devices [34]. ,e summary of existing methods based on IDS for IoT is reported in Table 8 for comparing purposes. 5. Conclusion and Future Work Currently, several cybersecurity checks are implemented to maintain the security and privacy of IoT networks. Hence, this paper has presented an AI-based model for intrusion detection using seven datasets of TON-IoT telemetry datasets for IoT networks to include the contribution in this regard. ,e proposed model observes traffic across the IoT-based system and forecasts any possible intrusion using embedded artificial intelligence. ,e proposed model is trained and tested on seven datasets (,ermostat, GPS Tracker, Garage Door, and Modbus datasets) from the ToN-IoT dataset and achieved 99.7% accuracy using a voting classifier. Many efforts are still required to develop a smart city fully equipped with IoT-based sensors for secure and significant monitoring of all threats. Designing and building such security and privacy procedures for IoT appliances is necessary, making it a core element of any network. We propose to fuse the seven datasets of the TON-IoT dataset with various deep learning models as future work. Data Availability For experiments, in this work, we used a dataset known as the ToN-IoT Telemetry dataset [25], which can be retrieved at the ToN-IoT repository [26]. Conflicts of Interest ,e authors declare that there are no conflicts of interest. Acknowledgments ,is work was supported by the Artificial Intelligence and Data Analytics Lab (AIDA), Prince Sultan University, Riyadh, Saudi Arabia. ,e authors are thankful for the technical support. References [1] T. Saba, “Intrusion detection in smart city hospitals using ensemble classifiers,” in Proceedings of the 13th International Conference on the Developments on eSystems Engineering (DeSE2020), IEEE, Liverpool, United Kingdom, December 2020. [2] K. Haseeb, N. Islam, Y. Javed, and U. Tariq, “A lightweight secure and energy-efficient fog-based routing protocol for constraint sensors network,” Energies, vol. 14, no. 1, p. 89, 2020. [3] H. Yar, T. Hussain, Z. A. Khan, D. Koundal, M. Y. Lee, and S. W. Baik, “Vision sensor-based real-time fire detection in resource-constrained IoT environments,” Computational Intelligence and Neuroscience, vol. 2021, pp. 1–15, 2021. [4] T. Saba, T. Sadad, A. Rehman, Z. Mehmood, and Q. Javaid, “Intrusion detection system through advance machine learning for the internet of things networks,” IT Professional, vol. 23, no. 2, pp. 58–64, 2021. [5] H. Kolivand, M. S. Rahim, M. S. Sunar, A. Z. A. Fata, and C. Wren, “An integration of enhanced social force and crowd control models for high-density crowd simulation,” Neural Computing & Applications, vol. 33, no. 11, pp. 6095–6117, 2021. [6] A. Rehman Khan, T. Saba, T. Sadad, and S.-p. Hong, “Cloudbased framework for COVID-19 detection through feature fusion with bootstrap aggregated extreme learning machine,” Discrete Dynamics in Nature and Society, vol. 2022, pp. 1–7, 2022. [7] Y. Al-Hamar, H. Kolivand, M. Tajdini, T. Saba, and V. Ramachandran, “Enterprise credential spear-phishing Table 7: ,e accuracy obtained on each classifier. Dataset Classifier Accuracy (%) Dataset Classifier Accuracy (%) Weather Random forest 99.3 Garage door Voting classifier 99.7 Voting classifier 99 Random forest 99.3 ANN 87.60 ANN 89.80 1D CNN 86.85 1D CNN 83.35 ,ermostat Voting classifier 99.7 Motion light Random forest 97.73 Random forest 99 Voting classifier 96.95 ANN 66.32 ANN 85.3 1D CNN 66.63 1D CNN 79.23 GPS tracker Voting classifier 99.7 Modbus Voting classifier 99.7 Random forest 99.5 Random forest 99.3 ANN 80.65 ANN 67.03 1D CNN 86.10 1D CNN 67.03 Table 8: Results comparisons in state of the art on public datasets. Reference Technique Dataset Accuracy (%) Proposed Voting classifier with SMOTE ToN-IoT telemetry 99.7 [35] Deep random neural network UNSW-NB15 99.5 [36] Deep learning NSL-KDD 86.95 8 Discrete Dynamics in Nature and Society attack detection,” Computers & Electrical Engineering, vol. 94, p. 107363, 2021. [8] V. K. Rahul, R. Vinayakumar, K. Soman, and P. Poornachandran, “Evaluating shallow and deep neural networks for network intrusion detection systems in cyber security,” in Proceedings of the 2018 9th Int. Conf. Comput. Commun. Netw. Technol. ICCCNT, IEEE, Bengaluru, India, July 2018. [9] G. A. Ajaeiya, N. Adalian, I. H. Elhajj, A. Kayssi, and A. Chehab, “Flow-based intrusion detection system for SDN,” Proc. - IEEE Symp. Comput. Commun., pp. 787–793, 2017. [10] A. Abubakar and B. Pranggono, “Machine learning based intrusion detection system for software defined networks,” in Proceedings of the - 2017 7th International Conference on Emerging Security Technologies, EST 2017, pp. 138–143, IEEE, Canterbury, UK, September 2017. [11] A. Kapitonov, S. Lonshakov, A. Krupenkin, and I. Berman, “Blockchain-based protocol of autonomous business activity for multi-agent systems consisting of UAVs,” in Proceedings of the 2017 Workshop on Research, Education and Development of Unmanned Aerial Systems, RED-UAS 2017, pp. 84–89, IEEE, ping, Sweden, October 2017. [12] D. Li, L. Deng, M. Lee, and H. Wang, “IoT data feature extraction and intrusion detection system for smart cities based on deep migration learning,” International Journal of Information Management, vol. 49, pp. 533–545, 2019. [13] T. Saba, K. Haseeb, A. A. Shah, A. Rehman, U. Tariq, and Z. Mehmood, “A machine-learning-based approach for autonomous IoT security,” IT Professional, vol. 23, no. 3, pp. 69–75, 2021. [14] M. Elhoseny, K. Haseeb, A. A. Shah, I. Ahmad, Z. Jan, and M. I. Alghamdi, “IoT solution for AI-enabled PRIVACYPREServing with big data transferring: an application for healthcare using blockchain,” Energies, vol. 14, no. 17, p. 5364, 2021. [15] R. Abbasi, B. Luo, G. Rehman, H. Hassan, M. S. Iqbal, and L. Xu, “A new multilevel reversible bit-planes data hiding technique based on histogram shifting of efficient compressed domain,” Vietnam Journal of Computer Science, vol. 5, no. 2, pp. 185–196, 2018. [16] R. Abbasi, L. Xu, F. Amin, and B. Luo, “Efficient lossless compression based reversible data hiding using multilayered n-bit localization,” Security and Communication Networks, vol. 2019, Article ID 8981240, 2019. [17] N. Islam, M. Altamimi, K. Haseeb, and M. Siraj, “Secure and sustainable predictive framework for IoT-based multimedia services using machine learning,” Sustainability, vol. 13, no. 23, p. 13128, 2021. [18] K. Haseeb, I. Ahmad, I. I. Awan, J. Lloret, and I. Bosch, “A machine learning SDN-enabled big data model for IoMT systems,” Electronics, vol. 10, no. 18, p. 2228, 2021. [19] M. Yasin, A. R. Cheema, and F. Kausar, “Analysis of Internet Download Manager for collection of digital forensic artefacts,” Digital Investigation, vol. 7, no. 1-2, pp. 90–94, 2010. [20] K. Haseeb, Z. Jan, F. A. Alzahrani, and G. Jeon, “A secure mobile wireless sensor networks based protocol for smart data gathering with cloud,” Computers & Electrical Engineering, vol. 97, p. 107584, 2022. [21] B. Z. H. Zhao, M. Ikram, H. J. Asghar, M. A. Kaafar, A. Chaabane, and K. ,ilakarathna, “A decade of mal-activity reporting: a retrospective analysis of internet malicious activity blacklists,” in Proceedings of the AsiaCCS - 2019 ACM Asia Conference on Computer and Communications Security, pp. 193–205, ACM, April 2019. [22] K. Haseeb, N. Islam, A. Almogren, and I. Ud Din, “Intrusion prevention framework for secure routing in WSN-based mobile Internet of ,ings,” IEEE Access, vol. 7, pp. 185496– 185505, 2019. [23] K. Haseeb, I. Ud Din, A. Almogren, I. Ahmed, and M. Guizani, “Intelligent and secure edge-enabled computing model for sustainable cities using green internet of things,” Sustainable Cities and Society, vol. 68, p. 102779, 2021. [24] N. Chaffin and M. Trent, “Common cybersecurity vulnerabilities in industrial control systems,” p. 88, 2011. [25] A. Alsaedi, N. Moustafa, Z. Tari, A. Mahmood, and A. Anwar, “TON_IoT telemetry dataset: a new generation dataset of IoT and IIoT for data-driven intrusion detection systems,” IEEE Access, vol. 8, pp. 165130–165150, 2020. [26] N. Moustafa, “TON-IoT dataset,” 2020, https://cloudstor. aarnet.edu.au/plus/s/ds5zW91vdgjEj9i. [27] J. Krupp, M. Backes, and C. Rossow, “Identifying the scan and attack infrastructures behind amplification DDoS attacks,” ACM Proceedings - ACM Conference on Computer and Communications Security, vol. 24-28, pp. 1426–1437, 2016. [28] D. Wendlandt, “Nessus: a security vulnerability scanning tool,” 2020, http://www.cs.cmu.edu/∼dwendlan/personal/ nessus.html. [29] C. Kolias, G. Kambourakis, A. Stavrou, and S. Gritzalis, “Intrusion detection in 802.11 networks: empirical evaluation of threats and a public dataset,” IEEE Communications Surveys & Tutorials, vol. 18, no. 1, pp. 184–208, 2016. [30] M. Zolanvari, M. A. Teixeira, L. Gupta, K. M. Khan, and R. Jain, “Machine learning-based network vulnerability analysis of industrial internet of things,” IEEE Internet of 0ings Journal, vol. 6, no. 4, pp. 6822–6834, 2019. [31] R. Vinayakumar, M. Alazab, K. P. Soman, P. Poornachandran, A. Al-Nemrat, and S. Venkatraman, “Deep learning approach for intelligent intrusion detection system,” IEEE Access, I, vol. 7, , pp. 41525–41550, 2019. [32] R. Lacuesta, J. Lloret, M. Garcia, and L. Peñalver, “A secure protocol for spontaneous wireless ad hoc networks creation,” IEEE Transactions on Parallel and Distributed Systems, vol. 24, no. 4, pp. 629–641, 2013. [33] N. A. Alrajeh, S. Khan, J. Lloret, and J. Loo, “Secure routing protocol using cross-layer design and energy harvesting in wireless sensor networks,” International Journal of Distributed Sensor Networks, vol. 9, no. 1, p. 374796, 2013. [34] M. Lopez-Martin, B. Carro, A. Sanchez-Esguevillas, and J. Lloret, “Network traffic classifier with convolutional and recurrent neural networks for Internet of ,ings,” IEEE Access, vol. 5, pp. 18042–18050, 2017. [35] S. Latif, Z. Idrees, Z. Zou, and J. A. Drann, “A deep random neural network model for intrusion detection in industrial iot,” in Proceedings of the 2020 International Conference on UK-China Emerging Technologies (UCET), pp. 1–4, IEEE, Glasgow, UK, August 2020. [36] L. Yanmiao, X. Yingying, Z. Liu et al., “Robust detection for network intrusion of industrial iot based on multi-cnn fusion,” Measurement, vol. 154, p. 107450, 2020. Discrete Dynamics in Nature and Society 9 Copyright of Discrete Dynamics in Nature & Society is the property of Hindawi Limited and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use.