An enhanced Deep-Learning empowered Threat-Hunting Framework for software-defined Internet of Things

Prabhat Kumar, Alireza Jolfaei, A. K. M. Najmul Islam

Research output: Contribution to journal › Article › peer-review

Abstract

The Software-Defined Networking (SDN) powered Internet of Things (IoT) offers a global perspective of the network and facilitates control and access of IoT devices using a centralized high-level network approach called Software Defined-IoT (SD-IoT). However, this integration and the high flow of data generated by IoT devices raise serious security issues in the centralized control intelligence of SD-IoT. Motivated by the aforementioned challenges, we present a new Deep-Learning empowered Threat Hunting Framework named DLTHF to protect SD-IoT data and detect (binary and multi-vector) attack vectors. First, an automated unsupervised feature extraction module is designed that combines data perturbation-driven encoding and normalization-driven scaling with the proposed Long Short-Term Memory Contractive Sparse AutoEncoder (LSTMCSAE) method to filter and transform dataset values into the protected format. Second, using the encoded data, a novel Threat Detection System (TDS) using Multi-head Self-attention-based Bidirectional Recurrent Neural Networks (MhSaBiGRNN) is designed to detect cyber threats and their types. In particular, a unique TDS strategy is developed in which each time instance is analyzed and allocated a self-learned weight based on the degree of relevance. Further, we also design a deployment architecture for DLTHF in the SD-IoT network. The framework is rigorously evaluated on two new SD-IoT data sources to show its effectiveness.

Original language: English
Article number: 104109
Number of pages: 12
Journal: Computers and Security
Volume: 148
Publication status: Published - Jan 2025

Keywords

  • Deep learning
  • Internet of Things
  • Intrusion detection system
  • Software-defined networking
