A novel optimized Bat Extreme Learning intrusion detection system for smart Internet of Things networks

Summary Rapid growth in technology has triggered the exponential growth in an advancement of the profoundly associated ubiquitous biological system of unavoidable gadgets, all things considered, called as Internet of Things (IoT). Although these devices make everyone's life as flexible and comfortable, they also suffer from various security breaches. Current scenario of security systems which are employed to safeguard the IoT devices are still in darker side, which has been considered as attractive prey for the attackers. This paper proposes the novel BEL three‐tier intrusion detection architecture which is based novel bat optimized extreme learning machines to detect the various cyber‐attacks over the IoT network. The proposed system consists of (1) design of scalable IoT deployable software which is used to collect the data which are used to classify the different behaviors of IoT networks and (2) data analyzer mechanism (DAM) which analyzes the various malicious characteristics of IoT networks after incurring the attacks in the networks and classifies the type of attacks that has been injected. The real‐time scenario of smart IoT networks for smart automation has been created using API NDNOMNeT which is an extension of OMNeT++ in which the 100 IoT devices has been deployed and attack methodology has been created by Python API. The efficiency of the projected IDS planning has been evaluated on the above test beds, deploying different attacks categories such as denial of services (DoS), man in middle (MIM)/spoofing, replay, and data leakage. The experiments demonstrate that the performance of the proposed IDS architecture has outperformed the other existing learning‐based IDS in terms of accuracy, sensitivity, time complexity, and reliability. If malevolent parcels have been distinguished in the subsequent layer, the third layer will arrange these pernicious bundles as one of four primary assault types. Thus, in an occasion of an assault, the yield of the framework is (1) the MAC address of the gadget enduring an onslaught, (2) regardless of whether the bundle is malevolent, and (3) the sort of assault which has happened, which is one of the four primary classes that the model was prepared on.