Abstract Due to the development of cloud computing and Internet of Things (IoT) environments, such as healthcare systems, telecommunications and Industry 4.0 or Industrial IoT (IIoT) many daily services are transformed. Therefore, Security issues become useful to better protect these novel technologies. IIoT security represents a real challenge for industry actors and academic research. A set of security approaches, such as intrusion detection are integrated to improve IIoT environments security. Hence, an Intrusion Detection System (IDS) aims to monitor, detect an intrusion in real time and then make reliable decisions. Many recent IDS incorporate Machine Learning (ML) techniques to improve their Accuracy (ACC), precision and Detection Rate (DR). This paper presents a hybrid IDS for Edge-Based IIoT Security using ML techniques. This new hybrid framework is based on misuse and anomaly detection using K-Nearest Neighbor (K-NN) and Principal Component Analysis (PCA) techniques. Specifically, the K-NN classifier has been incorporated to improve detection accuracy and make effective decision and the PCA is used for an enhanced feature engineering and training process. The obtained results have proven that our proposed Framework presents many advantages compared with other recent models. It gives good results with 99.10% ACC, 98.4% DR 2.7% False Alarm Rate (FAR) on NSL-KDD dataset and 98.2% ACC, 97.6% DR, 2.9% FAR on Bot-IoT dataset.

References

[1] Abd S., Alsajri M., and Ibraheem H., “Rao-SVM Machine Learning Algorithm for Intrusion Detection System,” Iraqi Journal for Computer Science and Mathematics, vol. 1, no. 1, pp. 23-27, 2020.

[2] Ahmim A., Maglaras L., Ferrag M., Derdour M., and Janicke H., “A Novel Hierarchical Intrusion Detection System Based on Decision Tree and Rules-Based Models,” in Proceeding of the International Conference on Distributed Computing in Sensor Systems, Santorini, pp. 228- 233, 2019.

[3] Alazzam H., Sharieh A., and Sabri K., “A Feature Selection Algorithm for Intrusion Detection System Based on Pigeon Inspired Optimizer,” Expert Systems with Applications, vol.148, pp. 113249, 2020.

[4] Aldweesh A., Derhab A., and Emam A., “Deep Learning Approaches for Anomaly-Based Intrusion Detection Systems: A Survey, Taxonomy, and Open Issues,” Knowledge-Based Systems, vol. 189, pp. 105124, 2020.

[5] Amini M., Rezaeenour J., and Hadavandi E., “A Neural Network Ensemble Classifier for Effective Intrusion Detection Using Fuzzy Clustering and Radial Basis Function Networks,” International Journal on Artificial Intelligence Tools, vol. 25, no. 02, pp. 1550033, 2016.

[6] Atzori L., Iera A., and Morabito G., “The Internet of Things: A Survey,” Computer Networks, vol. 54, no. 15, pp. 2787-2805, 2010.

[7] Ayo F., Folorunso S., Abayomi-Alli A., Adekunle A., and Awotunde J., “Network Intrusion Detection Based on Deep Learning Model Optimized with Rule-based Hybrid Feature Selection,” Information Security Journal: A Global Perspective, vol. 29, no. 6, pp. 267-283, 2020.

[8] Azrour M., Mabrouki J., Farhaoui Y., and Guezzaz A., “Experimental Evaluation of Proposed Algorithm for Identifying Abnormal Messages in SIP Network,” in Intelligent Systems in Big Data, Semantic Web and Machine Learning, pp. 1–10, 2021.

[9] Azrour M., Mabrouki J., and Chaganti R., “New Efficient and Secured Authentication Protocol for Remote Healthcare Systems in Cloud-IoT,” Security and Communication Networks, 2021.

[10] Azrour M., Mabrouki J., Guezzaz A., and Farhaoui Y., “New Enhanced Authentication Protocol for Internet of Things,” Big Data Mining and Analytics, vol. 4, no. 1, pp. 1-9 2021.

[11] Azrour M., Mabrouki J., Guezzaz A., and Kanwal A., “Internet of Things Security: Challenges and Key Issues,” Security and Communication Networks, vol. 2021, 2021.

[12] Azrour M., Mabrouki J., Fattah G., Guezzaz A., and Aziz F., “Machine Learning Algorithms for Efficient Water Quality Prediction Model,” Modeling Earth Systems and Environment, vol. 8, no. 2, pp. 27930-2801, 2021.

[13] Bagaa M., Taleb T., Bernabe J., and Skarmeta A., “A Machine Learning Security Framework for Iot Systems,” IEEE Access, vol. 8, pp. 114066- 114077, 2020.

[14] Chaabouni N., Mosbah M., Zemmari A., Sauvignac C., and Faruki P., “Network Intrusion Detection for IoT Security based on Learning Techniques,” IEEE Communications Surveys and Tutorials, vol. 31, no. 3, pp. 2671-2701, 2019.

[15] Chanal P. and Kakkasageri M., “Security and Privacy in IoT: A Survey,” Wireless Personal Communications, vol. 115, no. 2, pp. 1667-1693, 2020.

[16] Chiba Z., Abghour N., Moussaid K., Elomri A., and Rida M., “Intelligent Approach to Build A Deep Neural Network Based IDS for Cloud Environment Using Combination of Machine Learning Algorithms,” Computers and Security, vol. 86, pp. 291-317, 2019.

[17] Chiba Z., Abghour N., Moussaid K., and Rida M., “A Cooperative and Hybrid Network Intrusion Detection Framework in Cloud Computing Based on Snort and Optimized Back Propagation Neural Network,” Procedia Computer Science, vol. 83, pp. 1200-1206, 2016.

[18] Çavuşoğlu Ü., “A New Hybrid Approach for Intrusion Detection Using Machine Learning Methods,” Applied Intelligence, vol. 49, no. 7, pp. 2735-2761, 2019.

[19] Colakovic A. and Hadÿzialic M., “Internet of Things (IoT): A Review of Enabling Technologies, Challenges, and Open Research Issues,” Computer Networks, vol. 144, pp. 17-39, 2018.

[20] Elmasry W., Akbulut A., and Zaim A., “Evolving Deep Learning Architectures for Network Intrusion Detection Using A Double PSO Metaheuristic,” Computer Networks, vol. 168, pp. 107042, 2020.

[21] Fang W., Tan X., and Wilbur D., “Application of Intrusion Detection Technology in Network Safety Based on Machine Learning,” Safety Science, vol. 124, pp. 104604, 2020.

[22] Farhan B. and Jasim A., “A Survey of Intrusion Detection Using Deep Learning in Internet of Things,” Iraqi Journal for Computer Science and A Lightweight Hybrid Intrusion Detection Framework using Machine Learning ... 829 Mathematics, vol. 3, no. 1, pp. 83-93, 2022.

[23] Fernandes G., Rodrigues J., and Carvalho L., “A Comprehensive Survey on Network Anomaly Detection,” Telecommunication Systems, vol. 70, no. 3, pp. 447-489, 2019.

[24] Ferrag M., Maglaras L., Moschoyiannis S., and Janicke H., “Deep Learning for Cyber Security Intrusion Detection: Approaches, Datasets, and Comparative Study,” Journal of Information Security and Applications, vol. 50, pp. 102419, 2020.

[25] Gu J., Wang L., Wang H., and Wang S., “A Novel Approach to Intrusion Detection Using SVM Ensemble with Feature Augmentation,” Computers and Security, vol. 86, pp. 53-62, 2019.

[26] Guezzaz A., Asimi A., Asimi Y., Tbatou Z., and Sadqi Y., “A Global Intrusion Detection System using PcapSockS Sniffer and Multilayer Perceptron Classifier,” International Journal of Network Security, vol. 21, no. 3, pp. 438-450, 2019.

[27] Guezzaz A., Asimi Y., Azrour M., and Asimi A., “Mathematical Validation of Proposed Machine Learning Classifier for Heterogeneous Traffic and Anomaly Detection,” Big Data Mining and Analytics, vol. 4, no. 1, pp. 18-24, 2021.

[28] Guezzaz A., Asimi A., Asimi Y., Azrour M., and Benkirane S., “A distributed intrusion detection approach based on machine learning techniques for a cloud security,” in Intelligent Systems in Big Data, Semantic Web and Machine Learning, Springer, pp. 85-94, 2021.

[29] Guezzaz A., Asimi A., Sadqi Y., Asimi Y., and Tbatou Z., “A New Hybrid Network Sniffer Model Based on Pcap Language and Sockets (Pcapsocks),” International Journal of Advanced Computer Science and Applications, vol. 7, no. 2, 2016.

[30] Guezzaz A., Benkirane S., Azrour M., and Khurram S., “A Reliable Network Intrusion Detection Approach Using Decision Tree with Enhanced Data Quality,” Security and Communication Networks, vol. 2021, 2021.

[31] Hadi A.,“Performance Analysis of Big Data Intrusion Detection System over Random Forest Algorithm,” International Journal of Applied Engineering Research, vol. 13, no. 2, pp. 1520- 1527, 2018.

[32] Hassan M., Gumaei A., Alsanad A., Alrubaian M., and Fortino G., “A Hybrid Deep Learning Model for Efficient Intrusion Detection in Big Data Environment,” Information Sciences, vol. 513, pp. 386-396, 2020.

[33] Ingham M., Marchang J., and Bhowmik D., “IoT Security Vulnerabilities and Predictive Signal Jamming Attack Analysis in LoRaWAN,” IET Information Security, vol. 14, no. 4, pp. 368-379, 2020.

[34] Ji S., Jeong B., Choi S., and Jeong D., “A Multi- Level Intrusion Detection Method for Abnormal Network Behaviors,” Journal of Network and Computer Applications, vol. 62, pp. 9-17, 2016.

[35] Kevric J., Jukic S., and Subasi A., “An Effective Combining Classifier Approach Using Tree Algorithms for Network Intrusion Detection,” Neural Comput and Applic, vol. 28, no. 1, pp. 1051-1058, 2017.

[36] Khraisat A., Gondal I., Vamplew P., and Kamruzzaman J., “Survey of Intrusion Detection Systems: Techniques, Datasets and Challenges,” Cybersecurity, vol. 2, no. 1, pp. 1-22, 2019.

[37] Kirana K., Devisettya R., Kalyana N., Mukundini K., and Karthi R., “Building a Intrusion Detection System for IoT Environment using Machine Learning Techniques,” Procedia Computer Science, vol. 171, pp. 2372-2379, 2020.

[38] Kumar B., Raju M., Vardhan B., “Enhancing the Performance of an Intrusion Detection System through Multi-Linear Dimensionality Reduction and Multi-Class SVM,” International Journal of Intelligent Engineering and Systems, vol. 11, no. 1, pp. 181-192, 2018.

[39] Masdari M. and Khezri H., “A Survey and Taxonomy of the Fuzzy Signature-based Intrusion Detection Systems,” Applied Soft Computing, vol. 92, pp. 106301, 2020.

[40] Mighan S. and Kahani M., “A Novel Scalable Intrusion Detection System Based on Deep Learning,” International Journal of Information Security, vol. 20, no. 3, pp. 387-403, 2020.

[41] Moustafa N. and Slay J., “The Evaluation of Network Anomaly Detection Systems: Statistical Analysis of the Unsw-Nb15 Data Set and the Comparison with the Kdd99 Data Set,” Information Security Journal: A Global Perspective, vol. 25, no. 1-3, pp. 18-31, 2016.

[42] Mukherjee S., Sharma N., “Intrusion Detection using Naive Bayes Classifier with Feature Reduction,” Procedia Technology, vol. 4, pp. 119-128. 2012.

[43] Noor M. and Hassan W., “Current Research on Internet of Things (IoT) Security: A Survey,” Computer Networks, vol. 148, pp. 283-294, 2018.

[44] Prasad M., Tripathi S., and Dahal K., “An Efficient Feature Selection Based Bayesian and Rough Set Approach for Intrusion Detection,” Applied Soft Computing, vol. 87, pp. 105980, 2020.

[45] Sarker I., Abushark Y., Alsolami F., and Khan A., “IntruDTree: A Machine Learning Based Cyber Security Intrusion Detection Model,” Symmestry, vol. 15, no. 5, pp. 754, 2020.

[46] Sethi K., Rupesh E., Kumar R., Bera P., and Madhav Y., “A Context-Aware Robust Intrusion Detection System: A Reinforcement Learning- Based Approach,” International Journal of 830 The International Arab Journal of Information Technology, Vol. 19, No. 5, September 2022 Information Security, vol. 19, no. 6, pp. 657-678, 2020.

[47] Snort-Network Intrusion Detection and Prevention System., https://www.snort.org/ Last Visited, 2022.

[48] Tabash M., Abd-Allah M., and Tawfik B., “Intrusion Detection Model Using Naive Bayes and Deep Learning Technique,” The International Arab Journal of Information Technology, vol. 17, no. 2, pp. 215-224, 2020.

[49] Tavallaee M., Bagheri E., Lu W., and Ghorbani A., “A Detailed Analysis of the KDD CUP 99 Dataset,” in Proceedings of the IEEE Symposium on Computational Intelligence for Security and Defense Applications, Ottawa, pp.1-6, 2009.

[50] Topirceanua A. and Grosseckb G., “Decision Tree Learning Used for the Classification of Student Archetypes in Online Courses,” Procedia Computer Science, vol. 112, pp. 51-60, 2017.

[51] Verma A. and Ranga V., “Machine Learning Based Intrusion Detection Systems for IoT Applications,” Wireless Personal Communications, vol. 111, no. 4, pp. 2287-2310, 2019.

[52] Wu Y., Lee W., Gong X., and Wang H., “A Hybrid Intrusion Detection Model Combining SAE with Kernel Approximation in Internet of Things,” Sensors, vol. 20, no. 19, pp. 5710, 2020.

[53] Yao H., Gao P., Zhang P., Wang J., Jiang C., and Lu L.,” Hybrid Intrusion Detection System for Edge-Based IIoT Relying on Machine-Learning Aided Detection” IEEE Network, vol. 33, no. 5, pp. 75-81, 2018. Azidine Guezzaz received his Ph.D from Ibn Zohr University Agadir, Morocco in 2018. He is currently an assistant professor of computer science and mathematics at Cadi Ayyad University Marrakech. His main field of research interest is computer security, cryptography, artificial intelligence, intrusion detection and smart cities. Mourade Azrour received his PhD from Faculty of sciences and Technologies, Moulay Ismail University, Errachidia, Morocco. He received his MS in computer and distributed systems from Faculty of Sciences, Ibn Zouhr University, Agadir, Morocco in 2014. Mourade currently works as compter sciences professor at the Department of Computer Science, Faculty of Sciences and Technologies, Moulay Ismail University. His research interests include Authentication protocol, Computer Security, Internet of things, Smart systems. Mourade is member of the member of the scientific committee of numerous international conferences. He is also a reviewer of various scientific journals. Mourade Has edited a scientific book “IoT and Smart Devices for Sustainable Environment” and his is a guest editor in journal “EAI Endorsed Transactions on Internet of Things”. Said Benkirane received his PhD from Choaib Dokkali University, El jadida, Morocco in 2013. He is currently a PH professor of computer science and mathematics at Cadi Ayyad University Marrakech. His research interests include computer security, artificial intelligence, smart cities and VANET networks Mouaad Mohy-Eddine received his Master in Computer science and Big Data from Sultan Molay Solaimane University Khouribga, Morocco in 2020. He is currently a PhD student of computer security at Cadi Ayyad University Marrakech. His main field of research interest is machine learning, intrusion detection and IoT security. Hanaa Attou received his engineer diploma in Big Data and Decision making from Mohamed V University, Rabat, Morocco in 2020. She is currently a PhD student of computer security at Cadi Ayyad University Marrakech. His main field of research interest is networking, deep learning and cloud security. Maryam Douiba received his engineer diploma from Hassan I, Settat, Morocco, in 2014. She is currently a PhD student of computer security at Cadi Ayyad University Marrakech. His main field of research interest is machine learning, Blockchain technology and IoT Security.