MULTI-OBJECTIVE INTELLIGENT COMPUTATIONAL ALGORITHMS: AN APPROACH TOWARD INTRUSION DETECTION IN INTERNET OF THINGS ERA
BY MARIA HABIB
SUPERVISED BY DR. IBRAHIM ALJARAH
THURSDAY 25, 2019
Outline
Introduction
Quick Background
Glance to Literature Review
Methodology
Results
Conclusion
Introduction
(IoT)
https://www.astellia.com/solutions/technologies/harness-the-business-potential-of-iot/
Introduction
Why does the security of IoT devices matter to us?
Gartner Inc. has estimated that the number of connected IoT devices will reach 20.6 billion in 2020.
The economic gain of IoT reached a peak of $120 billion in 2016 and will reach $6.2 trillion by 2027.
Introduction
IoT (cont.)
Hewlett Packard (HP) reports that 80% failed to have adequate password complexity.
In 2015, a drug pump was hacked, and the attacker increased the drug dosage for the patient without the nurses noticing.
Mirai (IoT botnet) malware in 2016 infected up to 300,000 devices.
Objective
Several security solutions have been proposed, but they:
• Led to heavy computational load.
• Used simulated (not real) IoT datasets.
• Covered a limited number of IoT attacks.
Designing an approach for
IDSs based on machine learning
(multi-objective evolutionary
algorithms) for real IoT networks.
Multi-Objective Optimization (MOO)
• Two or three objective functions.
• Dominance vs relational operators.
• Pareto optimal set (non-dominated).
f1 & f2 are minimization objectives
(b) dominates (c)
(a & b) are non-dominated solutions
(15,3)
(10,2)
(8,3)
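The dominance test and the non-dominated set for the three points above, as an added example (not code from the presentation or the thesis). It generalises to any number of minimised objectives and builds the set by inserting points one at a time into an archive; the function names are illustrative, and the extracted slide does not say which point is a, b or c, so only the coordinates are used.

```python
from typing import Iterable, List, Sequence, Tuple

Point = Tuple[float, ...]


def dominates(p: Sequence[float], q: Sequence[float]) -> bool:
    """True if p dominates q when every objective is minimised:
    p is no worse than q everywhere and strictly better somewhere."""
    if len(p) != len(q):
        raise ValueError("objective vectors must have the same length")
    return all(a <= b for a, b in zip(p, q)) and any(a < b for a, b in zip(p, q))


def update_archive(archive: List[Point], candidate: Point) -> List[Point]:
    """Insert candidate into a non-dominated archive.

    The candidate is rejected if an archived point dominates or equals it;
    otherwise it is added and every archived point it dominates is dropped."""
    if any(dominates(kept, candidate) or kept == candidate for kept in archive):
        return list(archive)
    return [kept for kept in archive if not dominates(candidate, kept)] + [candidate]


def pareto_front(points: Iterable[Point]) -> List[Point]:
    """Non-dominated subset of points, built one insertion at a time."""
    archive: List[Point] = []
    for point in points:
        archive = update_archive(archive, tuple(point))
    return archive


# The three (f1, f2) points from the slide, in the order they appear there.
SLIDE_POINTS = [(15, 3), (10, 2), (8, 3)]

if __name__ == "__main__":
    print(pareto_front(SLIDE_POINTS))
```

(8,3) and (10,2) each win on one objective, so neither dominates the other, while (15,3) is dominated by both: a plain `<` comparison on a single objective cannot express this, which is the slide's "dominance vs relational operators" point.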
Feature Selection Optimization
IoT results in big, high-dimensional data.
Designing a machine learning based IDS for IoT requires preprocessing a large number of features.
Feature selection is considered an NP-hard optimization problem for high-dimensional data.
Metaheuristics.
Metaheuristics are nature-inspired algorithms that mimic the natural evolution process and are inspired by the Darwinian principles in nature.
Nature-Inspired Algorithms
Evolutionary-based
Swarm-based
Evolutionary Algorithms
John Henry Holland
EAs were the root, which was basically established by Holland.
https://en.wikipedia.org/wiki/John_Henry_Holland
Multi-objective (MOO) vs Single-objective (SOO)
MOO can produce an efficient set of (trade-off) solutions in a single run, whereas SOO needs to be run many times.
MOO does not require a priori knowledge (preferences) before model building, whereas SOO needs a priori knowledge to design the fitness function.
MOO avoids the burden of tuning the weights of the objective function.
PSO
PSO is a metaheuristic algorithm inspired by the social behavior of bird flocking or fish schooling.
Population of particles, each with a velocity & position.
Follows pbest and gbest to move within the search space.
MOPSO
Classical MOPSO (2002): the first attempt to extend PSO into MOPSO (high probability of getting stuck in local optima & premature convergence).
MOPSO (2004): secondary external archive, and a mutation operator.
to update gbest
Glance to Related Works
RF, NB, NN, and Gradient Boosting have been utilized for attack detection in IoT.
Hamamoto et al. (2018) designed a network anomaly detection technique based on a genetic algorithm and fuzzy logic.
Hajimirzaei and Navimipour (2018) proposed an IDS that classifies network traffic into normal and malicious using a Multilayer Perceptron trained by the Artificial Bee Colony algorithm.
Sanchez-Pi et al. (2018) applied a Voronoi diagram-based Evolutionary Algorithm (VorEAl) in order to detect intrusions using the "Australian defense force academy Linux" dataset (doesn't represent real IoT traffic).
Very few works implemented EAs or MOEAs for IDSs for IoT.
Methodology
Design: a modified MOPSO based on Lévy Flight (with sensitivity analysis).
Compare: the modified MOPSO with the original MOPSO (Coello, 2004).
Compare: the performance of the modified MOPSO with other MOEAs.
Compare: the modified MOPSO with filter-based methods.
Binary MOPSO
Sigmoid (S1)
Particles' position vectors encode all features
Multi-Objective Feature Selection Fitness Formulation
Positive: Anomaly
Negative: Normal
Lévy Flight & Lévy Distribution
Paul Pierre Lévy
Lévy distribution: heavy-tailed distribution, with large step length.
Lévy Flight is a random walk where the jump's size follows the Lévy distribution.
Examples: foraging behavior of bacteria, albatross, and bumblebees.
https://seekingalpha.com/article/3670366
Modified MOPSO (pg. 70)
Methodology Flowchart
All using Matlab & 30 runs
Created Datasets
UCI (2018)
Stratified samples were created (2000 instances)
Normal is the minority class & Anomaly is the majority class
Attack Distributions for Training & Testing
Evaluation Measures (Eqs. in pgs. 78-80)
Accuracy
True Positive Rate (TPR)
False Alarm Rate (FAR)
True Negative Rate (TNR)
G-mean
Area Under Curve (AUC)
No. of Features
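The confusion-matrix measures listed above, computed with anomaly as the positive class, as an added example (not code from the presentation or the thesis). The definitions are the standard ones, the 1800/200 class split and both detectors are constructed for illustration, and AUC is left out because it needs classifier scores rather than hard labels.

```python
from math import sqrt
from typing import Dict, Sequence

ANOMALY, NORMAL = 1, 0  # positive = anomaly, negative = normal, as on the slide


def ids_measures(y_true: Sequence[int], y_pred: Sequence[int]) -> Dict[str, float]:
    """Confusion-matrix measures for a binary IDS classifier."""
    if len(y_true) != len(y_pred):
        raise ValueError("label sequences differ in length")
    pairs = list(zip(y_true, y_pred))
    tp = sum(t == ANOMALY and p == ANOMALY for t, p in pairs)
    fn = sum(t == ANOMALY and p == NORMAL for t, p in pairs)
    fp = sum(t == NORMAL and p == ANOMALY for t, p in pairs)
    tn = sum(t == NORMAL and p == NORMAL for t, p in pairs)
    if tp + fn == 0 or tn + fp == 0:
        raise ValueError("both classes must be present in y_true")
    tpr = tp / (tp + fn)  # attacks that were detected
    tnr = tn / (tn + fp)  # normal traffic left alone
    return {
        "accuracy": (tp + tn) / len(pairs),
        "TPR": tpr,
        "TNR": tnr,
        "FAR": fp / (fp + tn),      # normal traffic flagged as attack = 1 - TNR
        "G-mean": sqrt(tpr * tnr),  # zero whenever one class is never recognised
    }


def labels(anomaly: int, normal: int) -> list:
    """Constructed label vector: `anomaly` positives followed by `normal` negatives."""
    return [ANOMALY] * anomaly + [NORMAL] * normal


# Constructed 2000-instance sample; the 1800/200 split is an assumption.
Y_TRUE = labels(1800, 200)
ALWAYS_ANOMALY = [ANOMALY] * 2000
# Constructed detector: misses 180 attacks, raises 20 false alarms.
BALANCED = labels(1620, 0) + [NORMAL] * 180 + [ANOMALY] * 20 + [NORMAL] * 180

if __name__ == "__main__":
    for name, pred in (("always-anomaly", ALWAYS_ANOMALY), ("balanced", BALANCED)):
        print(name, ids_measures(Y_TRUE, pred))
```

Both detectors score 0.9 accuracy on this sample, but the one that labels everything as anomaly has FAR 1.0 and G-mean 0.0, which is why accuracy alone is not enough when normal traffic is the minority class.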
Sensitivity Analysis (Avg. FAR)
Sensitivity Analysis (Avg. G-mean)
MOPSO-Lévy vs MOPSO (pg. 88)
MOPSO-Lévy best in 5 of 7
MOPSO-Lévy vs MOPSO (pg. 88)
MOPSO-Lévy vs MOPSO (Average Pareto Front)
Error rate = 1 - accuracy
pg. 90
MOPSO-Lévy vs MOEAs (Avg. FAR)
MOPSO-Lévy vs MOEAs (Avg. G-mean)
MOPSO-Lévy vs MOEAs (Average Pareto Front)
Error rate = 1 - accuracy
MOPSO-Lévy vs MOEAs P-values (avg. G-mean)
MOPSO-Lévy vs Filter Methods (Accuracy)
Conclusion
Designed a machine learning-based intrusion detection approach for IoT (multi-objective evolutionary approach).
The proposed approach was compared with the original MOPSO, MOEAs, and filter-based methods.
The proposed approach achieved very good results and can be recommended for IDSs.
https://fineartamerica.com
Thanks
Any questions?

Multi-objective evolutionary algorithms for IDSs for IoT