Enhancing IoT device security: CNN-SVM hybrid approach for real-time detection of DoS and DDoS attacks

The Internet of Things (IoT) has expanded into a realm of cutting-edge integrated solutions across numerous applications, following three stages of development: communication, authentication, and computing. However, each layer inside the three tier IoT architecture faces a spectrum of security concerns due to the IoT's openness, scope, and resource limits. Therefore, developing a secure IoT system is vital, shielding against attackers leveraging IoT devices to obtain network access and maintaining data security during transmission between these devices. Despite developments in Intrusion Detection Systems, identifying Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks in real-time remains a significant issue, especially in the environment of IoT devices, which are diverse and resource restricted. This study provides a Convolutional Neural Network-Support Vector Machine (CNN-SVM) hybrid technique, targeted at overcoming these limits by enhancing detection speed and accuracy, thus addressing this substantial gap in the area. This research offers a hybrid model that combines CNN for feature extraction with SVM as a classifier. This model employs a CNN to extract essential elements from the data and classifies attacks as either DDoS or benign. Our results highlight the potential performance of our model, which was trained on the real Canadian institute for cybersecurity (CIC) IoT dataset in 2023. Notably, our hybrid model outperformed classic machine learning (ML) alternatives such as CNN, SVM, K-nearest neighbors, Na & iuml;ve Bayes, and Logistic Regression. During testing, our model attained a remarkable accuracy rate of 99% and an F1-score of 99%, outperforming the highest-performing SVM ML model with an accuracy of 98% and the other ML methods.