Research Article
Feature Entropy Estimation (FEE) for Malicious IoT Traffic and Detection Using Machine Learning
Table 1
Overview of reviewed IDS for IoT security.
| Ref | Techniques | Attack types | Dataset | Drawbacks |
|---|---|---|---|---|
| [10] | Machine learning | DoS, man-in-the-middle attack, spoofing, replay attack, etc. | – | Does not support real-time detection |
| [12] | Online sequential extreme learning machine | DoS, R2L, probe, U2R | NSL-KDD | It cannot analyze all kinds of attacks evolving in the highly dynamic IoT environment |
| [13] | Autoencoders | DoS, R2L, probe, U2R | NSL-KDD, KDD99, real time | Not suitable for multiclass attack scenarios |
| [14] | Social leopard algorithm | Ransomware attacks | UNSW-NB15 | Only applicable on ransomware attacks |
| [15] | Support vector machine | DoS attacks | CICIDS2017 | Not suitable for changing traffic flow |
| [16] | Machine learning | Port scanning, HTTP and SSH brute force, and SYN flood attacks | Real IoT testbed | Operable on limited data rate of incoming packets |
| [17] | Random forest | DoS, R2L, probe, U2R | KDD99 | Does not support real-time detection |
| [18] | Deep feedforward neural network | DoS, R2L, probe, U2R | NSL-KDD | Does not support real-time detection |
| [19] | Convolutional neural network | Flooding DDoS attack | Real IoT testbed | Training error shows steep convergence curve |
| [20] | Machine learning | Botnets attacks | Bot-IoT dataset | Not suitable for multiclass attack scenarios |