An Ensemble of Deep Recurrent Neural Networks for Detecting IoT Cyber Attacks Using Network Traffic

Internet-of-Things (IoT) devices and systems will be increasingly targeted by cybercriminals (including nation state-sponsored or affiliated threat actors) as they become an integral part of our connected society and ecosystem. However, the challenges in securing these devices and systems are compounded by the scale and diversity of deployment, the fast-paced cyber threat landscape, and many other factors. Thus, in this article, we design an approach using advanced deep learning to detect cyber attacks against IoT systems. Specifically, our approach integrates a set of long short-term memory (LSTM) modules into an ensemble of detectors. These modules are then merged using a decision tree to arrive at an aggregated output at the final stage. We evaluate the effectiveness of our approach using a real-world data set of Modbus network traffic and obtain an accuracy rate of over 99% in the detection of cyber attacks against IoT devices.