Exploring Machine Learning Methods for IoT Network Intrusion Detection Systems

An ad hoc network is a transient network that is self-organizing and does not require any infrastructure. Therefore, the majority of its applications are in the field of military work and disaster assistance. Because of wireless connectivity and the ability to organize itself, ad hoc networks are becoming more common. Susceptible to a greater number of breaches or assaults than the conventional system. Blackhole assault is a significant routing disruption attack that a rogue node promotes itself as being capable of. as a step along the way to the final destination. In this research, we simulated a black hole using computer models. Assault in a setting with ad hoc networking, as well as data collection of important features for the purpose of classifying aggressive behaviour. Then, several different approaches to machine learning have been developed. utilized for the classification of information regarding benign and harmful packets. It seems to imply. a novel method for the selection of certain features, the gathering of crucial information, and the intrusion detection in an ad hoc network with the application of machine learning algorithms.


Introduction
Information security is one of the most important parts of the current information process.This is because of the widespread use of computers and the risk of losing information that is stored, processed, and sent across the network.When the Internet came out in the 1990s, it started a new era that would have a big effect on information technology.This was because it made it much easier to use data transfer and communication channels [1].The first million of people to use the Internet were able to talk to each other through e-mail because of a network of computers that stayed in one place.Heavy reliance on the Internet and global connections has made it much easier for attacks to come from far away and do a lot of damage through the Internet.Anyone, anywhere in the world, can carry out these attacks.And when you use the internet, there is a chance that your information will be stolen or that you will lose data that you have saved.Intruders plan their attacks so that they can take advantage of any security holes that Exploring Machine Learning Methods for IoT Network Intrusion Detection Systems ://jazindia.comhttps e online at: ilabl Ava -1046 -are already in the system or network [2].An intrusion is a deliberate act of breaking the law that is done to get information, change information, or make a system untrustworthy or not work.
One of the most important things to think about when using the Internet in our daily lives is how safe our computers and networks are.Network attacks were still one of the most common types of threats in 2019, according to the data Kaspersky reported [3].Kaspersky's security solutions were able to stop 975,491,360 threats that came from internet resources in 195 different countries.So, there should be ways to protect against this risk.An intrusion detection system, or IDS, is an active process or device that watches the activities of a system or network to look for unapproved and unauthenticated behavior [4].Most of the time, this is done by automatically collecting information from a wide range of system and network sources and analyzing it to look for security holes in the system.There is no way to know for sure that any data on a network that is connected to the internet will always be safe.Instead, according to the IEEE x.805 eight security dimensions map to security threats, it is recommended to use a number of different methods to reduce any risk.

Intrusion Detection Aodv (Idaodv)
IDAODV uses this method to pretend to break in.AODV is the most popular routing protocol for MANETs, and it has become the de facto standard on the Internet because so many people use it.This is also why AODV has been getting more and more vulnerable to attacks over the past few years.Problem Statement and Attacks Using AODV Routing AODV gives people who want to attack different options.First, we figure out what kinds of abuse goals an inside attacker could be trying to reach [8].

Network -Based Ids
(NIDS) is to keep an eye on data about network traffic by using sensors that are connected to the network to record any actions that seem strange.Threats to the security of a network can show up in many different ways and can affect more than one part of network security, such as authentication, integrity, authorization, and availability.Most network-based IDSs are OS-agnostic, which means they work on any system that supports the target OS [4].IDSs that are based on a network can also find some types of protocol and network attacks.One of the benefits of NIDS is that its monitors don't use any of the host computer's resources when they read each packet as it moves over a network segment.Also, they don't need a specific operating system to work and are easy to set up on a small part of the network.On the other hand, there are some bad things about NIDS.They have trouble keeping up with systems, especially busy ones, because they have to check every packet that goes through the segment.In the next section, we'll talk more about how anomaly detection works with network-based intrusion detection, which is the main topic of this research.An Intrusion Detection System (IDS) can keep an eye on the traffic on a network and send out alerts if it sees anything suspicious.

Overview Of Manets
MANET (Mobile AdHoc Network) is a self-configuring non-infrastructure network of mobile devices connected via a wireless environment.Adhoc is a Latin word that means "for this purpose."Each node in MANET is dynamic and therefore frequently changes its connections with other devices.The Ad Hoc Routing Protocol is a standard that defines how nodes route packets between a source and destination on an ad hoc mobile network.In an adhoc cellular network, the nodes are not static and do not have a specific topology, but must discover it.AdHoc Mobile networks are standalone and decentralized wireless systems.MANETs consist of mobile nodes that move freely in the network and outside it.Nodes are systems or devices, such as a mobile phone, laptop, personal digital assistant, and personal computer that participate in the network.These nodes can act as host / router or both.They can create any topologies depending on their interconnection in the network.These nodes are self-adjusting and, thanks to their self-configuration capability, can be deployed as a matter of urgency without the need for any infrastructure.

ADHOC Networks
Nodes can freely join and leave ad hoc networks because there is no infrastructure to support them.A wireless link, like the one shown in figure 3.1, is what makes it possible for the nodes to talk to each other.A node can act as a router and send data to the nodes in the network that are close to it.This kind of network is sometimes called "infrastructure-less" networks because there is no one place where decisions about how the network works are made.Ad hoc networks are set up to be able to handle any problems with the nodes or any changes that might happen if the network's topology changes.When a network node stops working or leaves the network, the other network nodes that are affected by this simply ask for new routes, and an ad hoc network sets up new links between them.It can be split into mobile ad hoc networks and static ad hoc networks, which are also called SANET (MANET).
Static Adhoc Networks-In static Adhoc networks the geographic location of the nodes or the stations are fixed.There is no mobility in the nodes of the networks.

ADHOC Network Routing Protocol
The study of routing protocols is one of the most difficult and interesting fields of study.For MANETs, a lot of routing protocols have been made, like AODV (Adhoc on Demand Distance Vector).There are a lot of different kinds of routing protocols that can be used in Ad hoc networks.These protocols can be put into four main groups.

Routing information Update mechanism
Adhoc network routing protocols can be classified into three categories.

Proposed Approach
This paper suggests using simulation as a way to model common communication situations, some of which may be open to attacks by bad people.The proposed system has a distributed and cooperative architecture in which each node uses an intrusion detection system (IDS) agent to find and get rid of any nodes that aren't acting right.Each IDS agent has four different parts that make it up.The first module is called the "data collection module," and its main job is to gather data and figure out the path from each node's source to its destination.The second part of the system is the module that looks for intrusions.It attempts to determine whether there is anything strange going on in the check nodes by using the information provided by the module that came before it as well as the threshold value.The voting module is the third one, and it is in charge of approving what has been found.In this module, a node that says another node is acting wrongly must get permission from all the other nodes in the network before isolating the accused node.
Deep Learning (ML) has recently come to the forefront as an approach that is not only desirable but also possible to make available practical efficiency across a variety of contexts.One of the most important application domains is vehicular networks, and ML-based techniques have been shown to be very helpful in solving a wide range of problems in this domain.Since it uses WSN between its vehicle nodes and/otherwise its communications, it can be attacked in many different ways.In this situation, ML and its variations are becoming more and more popular as a way to find attacks and solve a wide range of communication security problems in vehicles.

Network Model
The things that make up the VANET [10] network be able to be put addicted to three different group.Facilities on the side of the road, application and authorization servers, and nodes and cars fall into these groups.
Server Device -These are very powerful workstations, and each one is in charge of organization and providing service data on its own.The power has the entire key and is in charge of setting up a schedule for maintenance.Device servers give information about how cars work.Either the government or companies from around the world will give them money.We are working with the idea that the authorization and application servers can handle a lot of work.So, we haven't thought about how long it takes to do the math.
Road Side Infrastructure -The term "road infrastructure" refers to the collection and distribution of information, as well as the placement of power sources near roads.RSUs get power from wired networks and talk to vehicles over radio, both of which are done with the help of wired networks.

Conclusion
In the world we live in now, more and more gadgets and services are connected to each other through networks.This has made communication more complicated and harder to predict.In addition to making, it easier for people to talk to each other and for systems and services to work together, computer networks are dynamic, always growing, and always changing.Hackers and other intruders have been changing this connected environment by causing problems or stealing information to help themselves personally or professionally.As the level of complexity goes up, the results of methods and metrics for monitoring networks, recognising malicious or unusual events, and classifying traffic become harder to explain to people who make decisions.The information that security analysts' analytical systems give them needs to be paired with tools that help them understand what it all means and come to the right conclusions.In the data-driven world of today, using deep learning algorithms as a back-end engine makes it easier to automatically tell the difference between dangerous and normal network traffic.This is done with the goal of helping people who work in security.An Intrusion Detection System has been built to protect the AODV protocol.This system uses a method that is based on the specification.We have suggested that AODV use an intrusion system tool to protect itself from some of its own threats.

Type 2 :Type 4 :
Use of temporal information for routingExploring Machine Learning Methods for IoT Network Intrusion Detection Systems Utilization of specific resources

Figure 3 :
Figure 3: Training and Simulation Window

Table 1 :
Comparison results with the existing system