IoT-Integrated Drone Cybersecurity: Using DL and ML for Intrusion Detection

By Dr Silpaja Chandrasekar, PhDReviewed by Susha Cheriyedath, M.Sc.Nov 2 2023

In a paper published in the journal Scientific Reports, researchers explored the use of innovative drone-based cybersecurity solutions integrated with the Internet of Things (IoT). This integration has transformed navigational technologies, enhancing data communication services across multiple platforms.

By harnessing the power of machine learning (ML) and deep learning (DL) techniques, the study delved into the increasing utilization of IoT-enabled drones in various industries, such as agriculture, and the development of smart cities. It also focused on tackling the security issues that accompany this growing adoption. The research focused on privacy and security challenges in drone networks (NoD) and underscored the importance of implementing secure measures to mitigate potential interception and intrusion risks.

The proposed system effectively detected cyberattacks within drone networks through DL and ML techniques, achieving remarkable performance and robustness, particularly with Bidirectional Long Short-Term Memory (B-LSTM) and LSTM approaches, resulting in high precision, accuracy, recall, and F-measure values.

Miniature Drones and Law Enforcement

The proliferation of miniature drone technology in disaster response, surveillance, and agriculture has boosted the Intrusion of Detection (IoD). Yet, it has also sparked concerns about privacy, security, and regulation, especially when combining IoT and wireless sensors in these drones. Additionally, technology has dramatically enhanced law enforcement operations, including real-time monitoring, criminal tracking, and artificial intelligence (AI) based security measures, with researchers using ML to analyze crime suspects and monitor environmental conditions for safety and crime prevention.

IoT-Based Drone Security Framework

The Unmanned Aerial Vehicle (UAV) Framework combines hybrid ML and DL approaches for IoD in UAV networks, accommodating traditional network structures with base and ground stations. It comprises two main components: base and ground stations, responsible for data capture and processing. The base station handles drone communications, validates module selection, and uses distributed modules for attack detection. Each drone has a monitoring module, and another module is at the ground station, validating attacks and determining which drones to notify.

Communication with the base station can be with a single station or a network of stations. The choice between streaming and batching for intrusion detection depends on the technology used. When employing MapReduce, batch processing is necessary, while frameworks like Flink, Storm, Apache Kafka, or Spark allow runtime identification. Researchers prefer Apache Kafka for efficiently managing data streams, particularly in the initial stage. The drone layer comprises camera-equipped quadcopters with IoT sensors, while the edge processing layer ensures data comes from approved sources. The security and privacy layer uses ML for device authentication and access control, addressing privacy threats and vulnerabilities.

In this IoT-based drone security framework, IoT gateways at the Device Connection Layer ensure authenticated device access, with Blockchain technology ensuring data integrity. The Data Processing Layer employs ML and Naive Bayes for robust data analysis and authentication. Researchers store data in cloud-based Not Only Structured Query Language (NoSQL) databases and visualize it using Power Business Intelligence (Power BI), improving security insights.

Hybrid Drone Security uses unsupervised learning to detect unusual attacks, aided by advances in deep neural networks. ML and DL methods are leveraged for Intrusion Detection, offering a versatile approach. Drone Data Collectors and a central RNN-LSTM module process data and make informed decisions while researchers mitigate bias and variance through data cleaning. Essential Sensors and ZigBee technology ensure reliable data transmission. This integrated framework guarantees efficient and secure IoT-based drone security, addressing the challenges of intrusion detection in UAV networks.

Evaluation and Dataset Sources

Researchers conducted an impartial evaluation of the proposed framework's effectiveness, employing a range of statistical parameters, including accuracy, precision, recall, and F-measure. They used these metrics to assess the framework's performance in the context of a mobile system, which includes drone security and an IoT-enabled network integrated with ML and DL.

The study compared the proposed ML framework with traditional methods and examined its temporal efficacy, statistical performance, reliability, and stability. Additionally, the study investigated the impact of varying factors, such as network properties, types of attacks, and the availability of labeled training data, on the efficiency of ML approaches for drone IoD. The results demonstrated that employing DL methods like LSTM and Bi-LSTM can enhance the precision and robustness of drone IoD systems, as evidenced by mathematical equations and graphical representations of model accuracy concerning different factors such as epochs and activation functions.

The researchers sourced the dataset for their experiments from KDDCup 99 and the Communications Security Establishment-Canadian Institute for Cybersecurity-Intrusion Detection System (CSE-CIC-IDS) 2018 on AWS, providing valuable insights into intrusion characteristics and network profiles. The CIC and the CSE meticulously created these datasets to facilitate the evaluation and testing of network-based anomaly IDS. It's essential to note their deliberate effort in dataset creation.

The datasets represent a variety of real-world attack scenarios, including Botnet attacks, Hypertext Transfer Protocol (HTTP) Denial of Service, web application attacks, network infiltration attacks, brute force attacks, and Distributed Denial of Service (DDoS) attacks. The distribution of regular and attack records, along with an overview of these attacks, was provided in the study, highlighting the diverse range of intrusion types and data allocation for training and testing purposes.

Additionally, the study compared the proposed model's performance against various state-of-the-art methods, revealing the superior accuracy and effectiveness of DL techniques, particularly LSTM and Bi-LSTM, in detecting intrusions and drone attacks. These results were presented with performance metrics such as accuracy, precision, recall, and F1 score, reinforcing the advantages of DL in this context.

Conclusion

In summary, researchers introduced the IoDs cybersecurity framework, leveraging IoT and DL for threat detection. It outperformed traditional methods, showing strong generalizability and robustness in identifying attack types. Future research will address countering UAV threats due to their increasing use in potentially harmful contexts.