Summary of articles

28-08-2024
Article 1: Dynamic distributed generative adversarial network for intrusion
detection system over internet of things
1. Article Overview

Authors: S. Balaji , S. Sankara Narayanan

Publication Info: The Author(s), under exclusive licence to Springer Science+Business Media,
LLC, part of Springer Nature 2022,

24 October 2022

Main Objective: The building of the DD-GAN model, preprocessing, feature extraction, feature
selection, and detection method are the primary contributions of this study

2. Core Methodology

Approach/Model: Summarize the approach or model used for intrusion detection in IoT.

Techniques and Tools: This work proposed a Dynamic Distributed Generative Adversarial
Network (DD-GAN) with Improved Firefly Optimization Hybrid Deep Learning based Convo-
lutional Neural Network -Adaptive Neuro-Fuzzy Inference System (IFFO-HDLCNN + ANFIS) that
takes gain of IoT’s power, offers enhanced behavior for efficiently examining the entire traffic
which traverses in the IoT. Initially, Synthetic Minority Over-sampling Technique (SMOTE) is
engaged for pre-processing of data and then Modified Principal Com- ponent Analysis (MPCA) is
being applied for feature reduction. The optimal features are selected through the Improve
Firefly Optimization (IFFO) for optimum fitness value to enhance the classification accuracy of
HDLCNN. Finally the intrusion detection is carried out by HDLCNN + ANFIS model,

Dataset and Experiments:

In this experimentation the daily activity recognition database is utilized, which was acquired
via a smart phone from 30 people of various genders, ages, heights, and weights.

The dataset comprises a collection of 2,365 recordings, each of which has 565 frequency and
time domain variables. It divides the dataset as 75% for training and 25% as test datasets made
up of the following attributes: Walking forward, walking left, walking right, walking staircase,
leisurely moving forward, fitness values, heart beat samples, blood pressure values, walking
downstairs, running, skipping, running forward, sitting, footing, resting, idle, breathing, elevator
up, and elevator downward
  At first, Human Activity Recognition (HAR) dataset is given as input and further SMOTE is
utilized for pre- processing, and it is designed to handle the imbalanced dataset
effectively that result of balanced data is then used to extract features.
 Second, MPCA is being employed to extort more informative features throughout the
feature extraction process.
 Third, Feature selection process is performed using IFFO method, which selects the best
features from the dataset. Through the optimum fitness value, IFFO enhances
classification accuracy.
 The intrusion detection is then carried out using the HDLCNN + ANFIS method, which is
employed to efficiently detect threats.
3. Key Findings

Results: The model was trained on the HAR dataset and had the following results

Accuracy: 94%

Precision: 94.45%

Recall: 93.6%

F1 measure: 93.6%

FPR : 1.22%

Comparative Analysis

4. Discussion and Implications

Interpretation: This results shows that the IDS will be more robust with the use of a Dynamique
Generative Adversarial Network

Limitations and Future Work: It has been proven that employing IDS as an important agent in
the deep learning field, and also demonstrated that DD-GAN is a fashionable tool in this field.
Hence in this work, a dynamic distributed DD- GAN model is built to identify both internal and
external threats in the distributed IoT networks which contain huge heterogeneous data from
device.

In future works, they considered constructing an exciting, dexterous, and lightweight

distributed method to deploy the model in the end devices of Internet of Things Networks.

5. Relevance to Thesis

Connection to my Work:

The DD-GAN is a suitable tool to develop an adversarial component that generates new attack
patterns based on current threat landscapes.

Possibly a continuous addition of new patterns generated by DD-GAN in the original training set
in order to maintain a continuously updated training set that includes both normal and
adversarial behaviors.

A Reinforcement learning framework like Hybrid Deep Learning based CNN can be used for my
work

Ideas and Questions: How do we use DD-GAN to maintain a continuously updated training set
that includes both normal and adversarial behaviors.

Article 2: Intrusion Detection in IoT Using Deep Learning

1. Article Overview

Authors Alaa Mohammed Banaamah and Iftikhar Ahmad

Publication Info:

Received: 18 August 2022

Accepted: 26 October 2022

Published: 2 November 2022

Main Objective This research explores intrusion detection methods implemented using deep
learning, compares the performance of different deep learning methods, and identifies the best
method for implementing intrusion detection in IoT.

2. Core Methodology

Approach/Model: Summarize the approach or model used for intrusion detection in IoT.

Techniques and Tools: CNN, LSTM, GRU; Tensorflow, Keras

Dataset and Experiments: The dataset is named Bot-IoT was developed on a realistic network
design with traffic from botnets and normal systems. Attacks are categorized and thereafter
labeled. Botnet traffic is created by compromised network nodes/bots that receive commands
from a central node called the botmaster. Botnet traffic can be used to attack a system sending
back information to the botmaster.

 The data is first preprocessed that is, standardization, normalization, and data cleaning
 They then continues with feature selection. The adopted features were “dur”, “rate”,
“srate”, and “drate”, and these features were used to represent time and duration that
affect the classification of attacks.
 Adoption of different models to predict the attack
 Train the models on 80% of the dataset, tested and evaluated on the remaining 20
3. Key Findings

Results:

Comparative Analysis:
 4. Discussion and Implications

Interpretation:

To improve the adaptive capabilities of IDSs, a model can be implemented in order to detect
intrusions in IOT systems and in this case, LSTM networks are the most convenient.

Limitations and Future Work: More datasets for intrusion detection systems can be explored in
future in order to improve performance.

5. Relevance to Thesis

Connection to Your Work: Such a work can be used to build an Adaptative attack generation
component

Article 3: Intrusion detection and prevention system for iot systems using
generative adversarial networks: challenges & solutions

Article Overview

Authors : Mansoor Farooq

Publication Info:

Received 20 January, 2024

Received in revised form 19 February, 2024

Accepted 15 March, 2024

Published online 17 April, 2024

Main Objective: This research aims to propose a novel approach utilizing Generative
Adversarial Networks (GANs) for anomaly detection in IoT
 1. Core Methodology

Approach/Model: The methodology used here globally is data collection, normalizing, handle
missing values, Mean imputation. Median imputation, Regression imputation , feature scaling,
min-max scaling, standardization and application of Anomaly detection using GANs.

The working principle of Generative Adversarial Networks (GANs) involves two main
components: a generator network and a discriminator network. The generator network
generates synthetic samples that resemble the real data, while the discriminator network
distinguishes between the real and synthetic samples. These components are trained in an
adversarial manner, pushing each other to improve their performance and generate
realistic synthetic data

Techniques and Tools: GAN, Tensorflow, Anaconda.

Dataset and Experiments:

This data typically includes readings from different sensors, such as temperature, humidity,
motion, and network traffic logs. The collected data serves as the basis for training the GAN
model to learn normal behavior patterns and identify anomalies.

2. Key Findings

Results:
Comparative Analysis:

3. Discussion and Implications

Interpretation:

 Anomaly Detection: The proposed system utilizes GANs for anomaly detection,
which can capture the underlying data distribution and generate synthetic samples
that closely resemble the real data. This allows for the effective identification of
anomalies in the IoT environment.
 Unsupervised Learning: The GAN-based approach enables unsupervised learning,
meaning it does not require labelled anomaly data for training. This makes it applicable
to scenarios where labelled data may be scarce or difficult to obtain.
 Adaptability: The GAN model can adapt to changes in the data distribution over time,
allowing for continuous monitoring and detection of evolving anomalies in the IoT
system.

Limitations and Future Work: Training complexity, Overfitting and False Positives and
Negatives(No balance between them)

Future work: Class Imbalance and Dataset variability

4. Relevance to Thesis

Connection to Your Work: This article permits me to understand that I will definitely use GANs
for Adaptive attack Generation and dynamic training set