DOI: 10.17587/prin.16.167-180
A Scalable Method for Detecting Multi-Vector Attacks on Compromised IoT Devices Using Machine Learning Algorithms
V. I. Petrenko, Associate Professor, Head of Department, vipetrenko@ncfu.ru,
F. B. Tebueva, Professor, ftebueva@ncfu.ru,
M. G. Ogur, Senior Lecturer, ogur26@gmail.com,
G. I. Linets, Professor, kbytw@mail.ru,
V. P. Mochalov, Professor, mochalov.valery2015@yandex.ru,
FSAEI HE "North-Caucasus Federal University", Stavropol, 355017, Russian Federation
Corresponding author: Maksim G. Ogur, Senior Lecturer, FSAEI HE "North-Caucasus Federal University", Stavropol, 355017, Russian Federation, E-mail: mogur@ncfu.ru
Received on October 11, 2024
Accepted on February 05, 2025
The paper presents a new scalable method for detecting multi-vector attacks on compromised Internet of Things (IoT) devices using machine learning algorithms. A detailed analysis of existing attack detection methods is conducted, including signature-based methods, anomaly-based methods, supervised and unsupervised machine learning methods, as well as deep learning methods such as convolutional and recurrent neural networks. A new method combining deep learning and federated learning is developed, which improves the accuracy, scalability, and security of the system in the context of limited IoT device resources. The results of an experimental study confirming the superiority of the proposed method over existing solutions are presented.
Keywords: Internet of Things, multi-vector attacks, machine learning, deep neural networks, federated learning, IoT, security
pp. 167—180
For citation:
Petrenko V. I., Tebueva F. B., Ogur M. G., Linets G. I., Mochalov V. P. A Scalable Method for Detecting Multi-Vector Attacks on Compromised IoT Devices Using Machine Learning Algorithms, Programmnaya Ingeneria, 2025, vol. 16, no. 4, pp. 167—180. DOI: 10.17587/prin.16.167-180 (in Russian).