A Lightweight Intrusion Detection System using Benford's Law and Network Flow Size Difference

Abstract

In today's world, the integration of various computing devices and embedded systems is creating a giant network that is popularly termed as the internet of things (IoT). Although, IoT has a lot of business opportunities, but its open and distributed nature makes it vulnerable to many cyber attacks. An intrusion detection system (IDS) is responsible for monitoring and detecting malicious activities in any computing system or a network. However, traditional IDS methods require modification and enhancement for implementation in the IoT system largely due to its usage of specific protocols stack and limited availability of computational resources, memory space, and power in these devices. In this paper, we propose a lightweight IDS for resource-constraint systems by using the concept of Benford's law, network flow size difference, and linear regression. We have done extensive experimentation using a benchmark NSL-KDD dataset that shows very positive results. � 2020 IEEE.