An Enhanced LSTM Approach for Detecting IoT-Based DDoS Attacks Using Honeypot Data

An Enhanced LSTM Approach for Detecting IoT-Based DDoS Attacks Using Honeypot Data

Abstract One of the widening perils in network security is the Distributed Denial of Service (DDoS) attacks on the Internet of Things (IoT) ecosystem. This paper presents an enhanced Intrusion Detection System (IDS) through the proposal of an enhanced version of the long short-term memory (LSTM) mod...

Full description

Saved in:
Bibliographic Details
Main Authors: Arjun Kumar Bose Arnob, M. F. Mridha, Mejdl Safran, Md Amiruzzaman, Md. Rajibul Islam
Format: Article
Language:English
Published: Springer 2025-02-01
Series:International Journal of Computational Intelligence Systems
Subjects:
IoT
DDoS attacks
Intrusion detection
Enhanced LSTM
Honeypot
IoT-DH Dataset
Online Access:https://doi.org/10.1007/s44196-025-00741-7
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Abstract One of the widening perils in network security is the Distributed Denial of Service (DDoS) attacks on the Internet of Things (IoT) ecosystem. This paper presents an enhanced Intrusion Detection System (IDS) through the proposal of an enhanced version of the long short-term memory (LSTM) model to detect DDoS attacks using honeypot-generated data. The proposed model aggregates the Conv1D, Bidirectional Long Short-Term Memory (Bi-LSTM), Bidirectional Gated Recurrent Unit (Bi-GRU), and dropout layers to extract temporal and spatial features from IoT traffic effectively. We tested the efficacy of the proposed system on a real-world IoT-DH dataset, which showed a remarkable accuracy of 99.41%, with an AUC score of 0.9999. A comparative analysis with other baseline models, such as LSTM, Bidirectional LSTM (Bi-LSTM), Gated Recurrent Unit (GRU), Recurrent Neural Network (RNN), Feedforward Neural Network (FNN), and Temporal Convolutional Network (TCN), proved that enhanced LSTM outperformed the other models. This indicates the robustness of the proposed model in correctly detecting DDoS attacks with high generalization capability for unseen traffic data. The contribution of this paper will be an addition to the deep learning techniques applied for the solution of intrusion detection systems (IDS), which will also allow the building and implementation of more efficient security mechanisms in IoT environments.
ISSN:1875-6883

Similar Items