Attention-based ResNet for intrusion detection and severity analysis using sliding window blockchain and firewall in IoT

With the increasing adoption of Internet of Things (IoT) networks, ensuring their security has become a critical concern due to resource limitations and the growing complexity of malicious attacks. Intrusion Detection and Prevention Systems play a pivotal role in safeguarding network performance, but traditional methods often struggle with attack severity and classifying unknown packets. In this research, we introduce the Attention-IDS model, a comprehensive solution comprising five stages: two-fold authentication, local density-based clustering, flow-based feature extraction, intrusion detection system (IDS), and intrusion severity detection. Leveraging IoT devices and user-based authentication, our model effectively detects and prevents unauthorized access attempts, while ensuring enhanced security through the utilization of the Combine Counter Mode algorithm on the blockchain. The IDS stage, powered by the Isolation Forest algorithm, accurately classifies features as normal, malicious, or unknown. Leveraging the proposed Attention-based ResNet model, our approach intelligently classifies unknown packets into normal and malicious categories, employing feature extraction, selection, and classification. Additionally, the Extended Kalman Filter determines intrusion severity, enabling network-wide notification alarms for frequent intrusions and targeted responses for rare intrusions. Extensive simulations using the NS3.26 network simulator demonstrate the superior performance of Attention-IDS compared to existing methods.