AS-CL IDS: anomaly and signature-based CNN-LSTM intrusion detection system for Internet of Things

In recent years, the internet of things (IoT) has had a significant impact on our daily lives, offering various advantages for improving our quality of life. However, it is crucial to prioritize the security of IoT devices and the protection of user's personal data. Intrusion detection systems (IDS) play a critical role in maintaining data privacy and security. An IoT IDS continuously monitors network activity and identifies potential security risks or attacks targeting IoT devices. While traditional IDS solutions exist, intrusion detection heavily relies on artificial intelligence (AI). AI can greatly enhance the capabilities of IoT IDS through real-time monitoring, precise threat identification, and automatic response capabilities. It is essential to develop and utilize these technologies securely and responsibly to mitigate potential risks and safeguard user privacy. A hybrid IDS was proposed for anomaly-based and signature-based intrusions, leveraging convolutional neural network with long short-term memory (CNN-LSTM). The name of the proposed hybrid model is anomaly and signature-based CNN-LSTM intrusion detection system (AS-CL IDS). The AS-CL IDS concentrated on two different IoT IDS detection strategies employing a combination of deep learning techniques. The model includes model training and testing as well as data preprocessing. The CIC-IDS 2018, IoT network intrusion dataset, MQTT-IoT-IDS2020, and BoTNeTIoT-L01 datasets were used to train and test the AS-CL IDS. The overall performance of the proposed model was assessed using accepted assessment metrics. Despite reducing the number of characteristics, the model achieved 99.81% accuracy. Furthermore, a comparison was made between the proposed model and existing alternative models to demonstrate its productivity. As a result, the proposed model proves valuable for predicting IoT attacks. Looking ahead, the deployment strategy of the IoT IDS can anticipate the utilization of real-time datasets for future implementations.