ARP-PROBE: An ARP spoofing detector for Internet of Things networks using explainable deep learning: An ARP spoofing detector for Internet of Things networks using explainable deep learning

Mohammed M. Alani, Ali Ismail Awad, Ezedin Barka

Research output: Contribution to journalArticlepeer-review

6 Citations (Scopus)

Abstract

The proliferation of the Internet of Things (IoT) devices and application domains has made IoT security an unavoidable challenge. Spoofing the address resolution protocol (ARP) can be exploited by botnets and other malicious programs to propagate and cause damage. Conventional ARP spoofing detection and prevention methods are, in most cases, inefficient for the IoT. This paper presents an ARP spoofing detection system using explainable deep learning, namely ARP-PROBE, for IoT networks. The proposed system relies on features extracted from network packets to detect ARP spoofing quickly and effectively using a feature selection and extraction module that identifies and selects the highly influential features. In a performance evaluation, the proposed system achieved an accuracy of 99.98% and an F1 score of 0.999. ARP-PROBE had a false positive rate of 0.026% and a false negative rate of 0.001%. To ensure that the model generalizes beyond the training data, a second dataset was used to evaluate it, and the results obtained were consistent with those of the first dataset. To provide a better understanding of the impact of each feature on the performance of the proposed deep learning model, which is the core of ARP-PROBE, a model explanation using SHAP explainability was provided.

Original languageEnglish
Article number100861
JournalInternet of Things (Netherlands)
Volume23
DOIs
Publication statusPublished - Oct 2023

Keywords

  • ARP spoofing detection
  • Deep learning
  • Explainable AI
  • Internet of Things (IoT)
  • IoT security

ASJC Scopus subject areas

  • Software
  • Computer Science (miscellaneous)
  • Information Systems
  • Engineering (miscellaneous)
  • Hardware and Architecture
  • Computer Science Applications
  • Artificial Intelligence
  • Management of Technology and Innovation

Fingerprint

Dive into the research topics of 'ARP-PROBE: An ARP spoofing detector for Internet of Things networks using explainable deep learning: An ARP spoofing detector for Internet of Things networks using explainable deep learning'. Together they form a unique fingerprint.

Cite this