Dr Sulyman Abdulkareem
Academic and research departments: Institute for Communication Systems, School of Computer Science and Electronic Engineering.
Sulyman Abdulkareem received his BSc from the Computer Science Department, University of Ilorin, Ilorin, Nigeria in 2014, and his MSc degree in Management Information Systems from the Faculty of Computing and Engineering, Coventry University, UK in 2017.
He is currently a PhD student at the 5G/6G Innovation Centre, School of Computer Science and Electronic Engineering, University of Surrey. His main areas of research are network security, information systems, decision support systems, IT strategy, and project management.
Intrusion detection systems (IDS) protect networks by continuously monitoring data flow and taking immediate action when anomalies are detected. However, due to redundancy and significant network data correlation, classical IDS have shortcomings such as poor detection rates and high computational complexity. This paper proposes a novel feature selection and extraction technique (FI-PCA). Feature Importance (FI) and Principal Component Analysis (PCA) are used to preprocess the network dataset. FI identifies the most important features in the data, while PCA is used to reduce dimensionality and denoise the data. In order to detect anomalies, we employ three single classifiers: Decision Tree (DT), Naive Bayes and Logistic Regression. Preliminary results, however, show that these classifiers have achieved average classification metric scores. On this basis, we use the Stack Ensemble Learning Classifier (ELC) method of combining single classifiers to improve the classifier's performance further. Experimental results on varied feature dimensions of an IoT (Bot-IoT) dataset indicate that our proposed technique combined with the Stack ELC can maintain the same level of classification performance for reduced dataset features. A comparison of our result with state-of-the-art classifiers' classification performance shows that our classifier is superior in terms of accuracy and detection rate. At the same time, a remarkable decrease is recorded for both training and test time.
In recent years, there has been a notable surge in Internet of Things (IoT) applications. Increasingly, IoT devices are being attacked. Network intrusion detection is a tool to detect any presence of malicious activities in a network. Machine learning (ML) techniques are increasingly used for classifying network traffic. However, results from state-of-the-art studies have shown that training ML classifiers with imbalanced datasets affects their classification performance, resulting in network categories with fewer training instances getting classified wrongly. This study presents a Stack ensemble ML classifier for network intrusion detection in an IoT network using the Bot-IoT dataset for the classifier evaluation. According to preliminary results, the classifier showed lower metric scores for minority network categories. We applied Synthetic Minority Oversampling Technique (SMOTE) to address the class imbalance. Follow-up experiment results for the SMOTE-Stack outclassed Stack and other state-of-the-art classifiers.