dc.contributor.author | Zhang, Hongwei | |
dc.date.accessioned | 2024-04-15T16:33:14Z | |
dc.date.available | 2024-04-15T16:33:14Z | |
dc.date.issued | 2024-04-15 | |
dc.identifier.uri | http://hdl.handle.net/10222/83891 | |
dc.description | In this thesis, we propose the Server-Client Machine Learning Intrusion Detection System (SC-MLIDS), a hybrid ML IDS framework for WSNs. It integrates server and client components, corresponding to the gateway and sink nodes in WSNs, and realizes two-layer validation of both sensing data and network traffic data. Inspired by the Federated Learning (FL) architecture, the SC-MLIDS framework is designed to be an adaptable solution that transcends limitations related to attack types, WSN architectural designs, ML algorithms, and model quantities. This two-layer approach uses the inherent strengths of ML, achieving comprehensive intrusion detection that is not only efficient and highly accurate but also optimizes resource utilization. | en_US |
dc.description.abstract | Federated Learning (FL) has emerged as a novel distributed Machine Learning (ML) approach to tackle the challenges associated with data privacy and overload in ML-based intrusion detection systems (IDSs). Drawing inspiration from the FL architecture, this thesis introduces the Server-Client Machine Learning Intrusion Detection System (SC-MLIDS), a hybrid ML IDS framework tailored for Wireless Sensor Networks (WSNs). SC-MLIDS is crafted to leverage ML for achieving a two-layer intrusion detection mechanism in WSNs, free from constraints posed by specific attack types. The framework follows a server-client model compatible with the configuration of sensor nodes, sink nodes, and gateways in WSNs. In this setup, client models located at sink nodes undergo training using sensing data, while the server model at the gateway is trained using network traffic data. This two-layer training approach not only amplifies the efficiency of intrusion detection but also ensures comprehensive network coverage.
The principal innovation of SC-MLIDS is the development of two model aggregation prediction algorithms, implemented at the gateway level. The first algorithm assesses models based on their performance metrics and assigned weights. The second algorithm uses a majority voting technique, combining predictions from both client and server models to bolster accuracy. In the operational phase, sensor nodes transmit collected data to their respective sink node for initial validation by the client model. Once the data is validated and associated with network traffic information, it is forwarded to the gateway for further validation through the model aggregation prediction algorithms.
The results of our simulation experiments corroborate the effectiveness of the proposed SC-MLIDS framework. It generates precise aggregation predictions, leading to a substantial reduction in redundant data transmissions. Furthermore, the SC-MLIDS framework exhibits efficacy in detecting intrusions through a two-layer validation process. | en_US |
dc.language.iso | en | en_US |
dc.subject | Wireless Sensor Networks | en_US |
dc.subject | Intrusion Detection System | en_US |
dc.subject | Machine Learning | en_US |
dc.subject | Hybrid Framework | en_US |
dc.subject | Federated Learning | en_US |
dc.subject | SC-MLIDS | en_US |
dc.subject | Aggregation Prediction | en_US |
dc.subject | Model Aggregation | en_US |
dc.subject | Majority Voting | en_US |
dc.subject | Weighted Score | en_US |
dc.subject | Ensemble Learning | en_US |
dc.subject | Network Security | en_US |
dc.subject | WSN Security | en_US |
dc.subject | Random Forest | en_US |
dc.subject | Hybrid Machine Learning | en_US |
dc.title | A Hybrid Machine Learning Intrusion Detection System Framework with Integrated Server and Client Models for Wireless Sensor Networks | en_US |
dc.date.defence | 2024-04-10 | |
dc.contributor.department | Faculty of Computer Science | en_US |
dc.contributor.degree | Master of Computer Science | en_US |
dc.contributor.external-examiner | n/a | en_US |
dc.contributor.thesis-reader | Qiang Ye | en_US |
dc.contributor.thesis-reader | Jaume Manero | en_US |
dc.contributor.thesis-supervisor | Srinivas Sampalli | en_US |
dc.contributor.ethics-approval | Not Applicable | en_US |
dc.contributor.manuscripts | Not Applicable | en_US |
dc.contributor.copyright-release | No | en_US |