1. Introduction
The smart city is regarded as a technological structure utilized by the distinct city shareholders for achieving distinct objectives such as good governance, enhancing day-to-day living circumstances, maximizing resource usage, or building new commercial chances [
1]. The supporters of the smart city, whether they are technology providers, researchers, or managers, have performed various designs, improvement studies, and standardization in response to the difficulties of smart city advancement referring to security, scalability, connectivity, or heterogeneity [
2]. The Internet of Things (IoT) technology provides less cost and potential solutions for the advancement of smart cities owing to its greater suitability in an infinite number of cases. Specifically, the intelligent IoT gadgets could consistently combine multiple fields of a smart city phenomenon, interchanging a continual flow of data for granting quality services to the public as a supreme objective [
3]. Thus, we refer to the IoT gadgets as brilliant, which means they are capable of communicating autonomously, demanding less or no human involvement.
Invaders will fix their places in smart cities for many reasons. Malevolent people might consider smart cities as play areas wherein they make a trail of their hacking skills through playing with existing technologies for individual fulfillment [
4]. For cyber-criminals, the interconnectivity of systems and devices in a smart city can be operated for any feasible unauthorized accessibility of monetary properties, personal properties, delicate data, and causing damages or loss to the common public [
5]. State-sponsored actors might exploit the ubiquity of smart city technologies for launching their hacktivist or espionage camps. In a few very dire situations, smart applications might be exploited for performances of terror [
6]. Thus, engineers and researchers must grant legal methods and solutions to aid local administrations and metropolitan or urban developers in creating highly secured smart cities [
7].
Security is not just a necessity for the further usage of blockchain (BC); it could participate in data dispersal since it operates in a quicker mode. However, according to the author’s knowledge, autonomous mathematical evidence for quicker solutions is now not available [
8]. Once after the existence of the mathematical evidence, an ideal ambiance is possible where speedy and trusted nodes are linked in the network and could avail the advantage from 5G with the help of particular fog layers of clouds. As a result, a BC-oriented decentralized system is one of the resolutions [
9]. One such benefit of utilizing BC technologies is that it has capability of storing data in an absolute way that does not need a centralized database. Furthermore, it could offer a means for tracking and executing transactions amid several members in a trusted ambiance [
10]. With the use of strong encryption with public private key sets, BC further grants higher levels of security to its members.
Figure 1 depicts the process of BC in IoT with smart cities environment.
This study develops an Optimal Machine Learning-based Intrusion Detection System for Privacy Preserving BIoT with Smart Cities Environment, called OMLIDS-PBIoT technique. The proposed OMLIDS-PBIoT model can be applied to accomplish security in several areas of smart cities such as traffic management, emergency response, smart healthcare, air quality monitoring, disaster management, waste management, air quality monitoring, etc. The presented OMLIDS-PBIoT technique employs data pre-processing in the initial stage to transform the data into compatible format. Additionally, a golden eagle optimization (GEO)-based feature selection (FS) model is designed to derive useful feature subsets. In addition, heap-based optimizer (HBO) with random vector functional link network (RVFL) model was utilized for intrusion classification. In addition, BC technology is exploited for secure data transmission in the IoT-enabled smart city environment. The performance validation of the OMLIDS-PBIoT technique is performed utilizing benchmark datasets, and the outcomes are valued in many aspects.
2. Literature Review
This section offers a brief review of security-based solutions for the IoT enabled smart city environment. Kumar et al. [
11] introduce a Privacy Preserving and Secure Framework (PPSF) to IoT-driven smart cities. The suggested PPSF depends on two chief processes: one is a dual-level secrecy scheme, and another one is IDS. Firstly, in a dual-level secrecy scheme, a BC unit is devised for sending the IoT data securely, and a Principal Component Analysis (PCA) approach was implemented to convert original IoT data as to innovative outline. In the IDS, a Gradient Boosting Anomaly Detector (GBAD) was implied for training purposes. Meng et al. [
12] recommend a BC-enabled single character frequency-related ESM, which could create a provable database of malicious payloads by means of BCs. In the valuation, we examine the act of the methods below flooding and character padding assaults in a real and simulated IoT network ambiance.
Bediya and Kumar [
13] debated most feasible assaults on IoT network systems and distributed denial of service (DDoS) assault is such a risky one amongst them. BC technology could be used for developing a structure in order to protect or preserve IoT systems, and BC is a brand-new technology utilized in transacting processes of cryptocurrency. Rathore et al. [
14] suggest a decentralized security substructure depends on Software Defined Networking (SDN) paired with BC technologies for IoT network from the smart cities, which hinges on the three main technologies of Fog, SDN, and BC, as well as mobile edge computing (MEC) for detecting assaults in the IoT network with higher effectiveness. Therefore, in the suggested substructure, SDN is accountable for continual observing and interpretation of traffic data in the whole IoT network for providing an optimum attack recognition method.
Botello et al. [
15] suggest BlockSIEM, a BC-related and dispersed Security Information and Event Management (SIEM) solution structure for the safety of the above-mentioned smart city services. These security events were produced by IoT sentinels, which take responsibility for protecting groups of IoT gadgets. In [
16], several various problems and distinct assault vectors are conferred, including the feasible results. To alleviate numerous assaults, BlockSDN, a BC as a service structure, for SDN is suggested. The substructure of permissioned BC is provided, pursued by two assault scenarios: one is a malware imperiled switch at data plane, and another one is DDoS assault at the control planes. Peneti et al. [
17] inaugurates the BC-defined network system having a grey wolf enhanced modular neural network (NN) technique for managing the smart ambiance security. At the time of this process, translation, application, and construction, layers were formed, where user-authenticated related blocks are devised for handling the privacy and security property. After this, optimizing NN is implied for maintaining the computational resource utilization and latency in IoT-empowered smart applications.
The authors in [
18] introduced a new AI-based multimodal fusion model to recognize intrusions in the industry 4.0 environment. This model involves improved fish swarm optimization-based feature selection (IFSO-FS) approach to choose optimal subset of features. In addition, the IFSO technique is derived by the use of the Levy Flight (LF) concept into the searching mechanism of the conventional FSO model. Additionally, the weighted voting-based ensemble technique is used for fusion procedure. The authors in [
19] presented a hybrid metaheuristic-based energy efficiency resource allocation (HMEERA) technique for cloud platform. The HEERA technique carries out the feature extraction and principal component analysis (PCA)-based feature reduction. It also uses hybrid Group Teaching Optimization Algorithm (GTOA) with rat swarm optimizer (RSO) algorithm to allot the resources in an optimal way.
Though several models are available in the literature, it is still needed to design effective IDS models for smart city environment. In addition, most of the research works have chosen the parameter values based on the trial-and-error method, which is labor intensive and ineffective. Therefore, parameter optimization can be considered as the NP hard problem and can be solved by the use of metaheuristic algorithms. In this work, we have used the HBO algorithm for optimal parameter tuning process.
3. The Proposed Model
In this study, an effective OMLIDS-PBIoT technique was developed with the utilization of the BC and ML models for accomplishing security in the smart city environment. The presented OMLIDS-PBIoT technique employs different stages of subprocesses, namely pre-processing, GEO-FS, RVFL-based classification, and HBO-based parameter optimization. Moreover, BC technology is exploited for secure data transmission in the IoT enabled smart city environment.
3.1. Blockchain Technology
In this work, the BC technology is used to assure secure data transmission in the smart city environment. BC is a decentralized P2P network through which every transaction is authenticated by the registered node and recorded in an immutable and distributed ledger. In such case, the consensus approach is the center of the BC technique, since it ensures network reliability. Especially, no centralized authority exists to authenticate the produced event; all the transactions should be authenticated by the BC node via mutual agreement (viz., consensus) [
20]. A few common types of consensuses are given in the following:
Proof of Work (PoW): a transaction is authorized when the node accepts its P2P network.
Proof of Stake (PoS): the node that has further wealth has great possibility to create a block and participate in the consensus.
Proof of Importance (PoI): the node that can generate a block is the one with the maximum number of transactions.
Proof of Authority (PoA): explicitly few nodes are permitted to generate new blocks and protect the BC. It should be apparent that the abovementioned algorithm features potential drawbacks and possible advantages, depending mainly on the fundamental P2P network architecture.
PoS and PoW are explicitly portrayed as the more commonly used algorithms to achieve the consensus between the P2P nodes. Nonetheless, it has become evident that PoW needs high computation resources, whereas PoS is most demonstrated for attacking because the mining cost is almost zero. PoA and PoI are valid alternatives since they have better performance and are energy-friendly. Moreover, BC presents two techniques to construct a network, such as permissionless and permissioned BCs. Especially, permissionless BC (that is, public BC) allows a potential candidate to turn into a node and belong to the network. A node on this BC may execute other tasks as long as they pose the physical ability (for example, validate transactions, mine blocks, etc.). Consecutively, permissioned BC (that is, private BC) restricts the access of a node that belongs to the network and executing task. An appropriate characteristic of BC is that it is likely to select the levels of decentralization on the network, that is, partially decentralized or fully centralized. Specifically, open permissioned BC is partially decentralized, because all the entities have the capacity to read the saved information, whereas closed permissioned BC is completely centralized. After all, the saved information is perceptible to the participating node.
3.2. Data Pre-Processing
During this case, min-max normalized has been executed for scaling the data s to unit variance. It is commonly utilized to compute the similarity degree among points. Assume that
is data, which is mapped from the dataset range from
Amin to
Amax, employing in Equation (1):
The employ of min-max normalization ensures that the feature was exacted as to similar scales.
3.3. Process Involved in GEO-FS Technique
In this study, the GEO-FS technique is exploited to choose an optimal subset of features from the preprocessed data. GEO is a novel meta-heuristic approach, which was established very recently for solving global optimized problems. The GEO technique was simulated and mathematically processed by the intelligence of golden eagle (GE) dependent upon adjusting the speed of its spiral tracking [
21]. The GE is a specific type of swarm that has a superior propensity for cruising around and searching for prey initially to hunt. By controlling these two elements, i.e., cruise propensity and attack propensity, the GEO was rapidly capable of hunting an optimum accessible prey from the possible region.
The GE from cruise and hunt is a unique feature, i.e., it follows in a spiral trajectory, representing that prey was commonly on one side of the eagles. This allows them to control target prey wisely and use boulders for determining an appropriate angle of attack. Simultaneously, it can be checking other regions for optimum food. The hunting technique of GEs mostly dependent upon the subsequent feature.
The mathematical designs of GEs for mimicking the movement to search for the prey are mostly explained as:
The spiral movement of GEs: In GEO, all the GE retains from their memory the optimum visited place previously. The eagle is an attraction near the cruising and nearing attack of the prey concurrently in order to search for optimum food. At all iterations, all the GEs arbitrarily select prey, which is fixed by another GE and circles around optimum place stayed by GE so far. The GE also has the chosen features for circling their memory; therefore, it can be , whereas stands for the number of GEs.
Prey selection: At all the iterations, all the GEs can choose a prey for executing the cruising as well as attacking functions. Additionally, all the GEs select the chosen prey in the memory of the entire flock. Thus, the cruising and attacking vectors are calculated based on the chosen prey. Next, it verifies their memory when the novel place was superior to the preceding place. Subsequently, the memory was upgraded with novel determining.
Attack: The attack is defined by utilizing a vector deriving from the actual place of GE
and ending from the place of prey from the eagle’s memory as:
where
implies the attack vector of GEs
denotes the optimum place visited by eagle
so far, and
signifies the present place of eagles
.
Cruise: The cruise vector is a perpendicular vector to attack vectors and tangent to circle. It is also well-known as linear speed of GEs for attacking the prey. The target point on cruise vector was provided under:
where
signifies the hyperplane formula from
-dimension space,
whereas
signifies the attack vectors.
Moving to novel places: Moving to novel places of GEs was mostly dependent upon the attacking and cruising vectors. Thus, the step vector of GEs
in iteration
was projected by the subsequent formula:
In which denotes the attack co-efficient at iteration and implies the cruise co-efficient at iteration and controlling that the GE was affected by cruising and attacking. and imply the random vectors.
A novel place of GEs is then provided as:
When the fitness function offers superior to the preceding places after their memory is upgraded with novel places.
The transition from exploration to exploitation: The GEO technique utilizes the attacking co-efficient
and the cruising co-efficient
for switching from the state of exploration to exploitation.
and
is calculated utilizing the subsequent linear expression:
where
and
are correspondingly the primary values to propensity for attacking
and for propensity for cruising
signifies the present iteration,
denotes the maximal count of iterations,
and
are correspondingly the last values to propensity for attacking
and to propensity for cruising
The fitness function (FF) of the GEO-FS technique assumes the classifier accuracy and the number of chosen features. It maximizes the classifier accuracy and minimizing the set size of chosen features. Thus, the subsequent FF utilized for evaluating individual solutions is demonstrated in Equation (8).
where
implies the classifier error rate utilizing the chosen features.
is computed as the percentage of inappropriate classification (by 5-ANN classifier) to the number of classifiers developed, formulated as a value amongst zero and one [
22]. (
implies the complement of classifier accuracy),
denotes the number of chosen features, and
denotes the entire number of elements from the original dataset.
denotes utilized for controlling the significance of classifier quality as well as subset length. During the experiments,
is fixed to 0.9.
3.4. Process Involved in HBO-RVFL Technique
At this stage, the chosen features are passed into the RVFL model to classify data. The basic framework of RVFL is generally the same as the artificial neural network that comprises hidden, output, and input layers [
23]. However, the major difference between RVFL and ANN is that RVFL directly connects the output and input layers. This connection supports RVFL by an appropriate mechanism to prevent the over-fitting problems that take place in ANN. The training RVFL begins with the employment of the input data that comprise target
and sample
, to the input state. Next, the output of the hidden node is computed by the subsequent formula:
From the above equation, represents the value of weight, which connects the hidden and input nodes. and denote the scale bias and factor, correspondingly.
Then, last output is calculated by the Equation (11):
Here,
is upgraded by the subsequent equation:
In Equation (12),
indicates the Moore–Penrose pseudo-inverse.
Figure 2 demonstrates the structure of RVFL technique.
To optimally adjust the parameters related to the RVFL method, the HBO algorithm has been utilized. The presented algorithm is stimulated by the corporate rank hierarchy (CRH), which declares that a team could arrange in a hierarchal manner to fulfill organization goals [
24]. The HBO algorithm is categorized as interaction between colleagues, interaction between subordinates, self-contribution of employees, and the immediate supervisor. In the CRH approach, the population is established as a CRH, while the heap node is established as a searching agent. The agent location of every search is upgraded by:
The
-
components of
vector
is signified as:
is evaluated by using Equation (15):
The (
C) parameter in Equation (16) controls the variation. However, this will complete in
iteration as in the following:
Additionally, the interaction between colleagues is modeled. As expressed in Equation (17), the location of every agent
is upgraded by randomly designated colleague
:
In Equation (17), the fitness of the searching agent is denoted as .
Further modeled is the self-contribution of all the employees, whereby the location of every agent is upgraded based on the following equation:
At last, the updating position equation has been taking place. The roulette wheel probability, , and , are designated to balance the exploitation and exploration stages.
The searching agent upgrades the location by utilizing Equation (18). Selection of the proportion
is implemented by Equation (19):
The searching agent upgrades their location by Equation (11). Selection of the proportion
is implemented by Equation (20):
The searching agent upgrades their location by Equation (19). Selection of the proportion
is implemented by Equation (21):
Therefore, the common position updating method of the HBO algorithm is expressed by the following equation:
The HBO approach grows an FF for achieving superior classifier performances. It solves a positive integer for demonstrating the best performance of candidate results. During this study, the minimized classifier error rate has been regarded that FF is offered in Equation (23).
4. Performance Validation
This section inspects the experimental validation of the OMLIDS-PBIoT technique using two benchmark datasets such as NSL-KDD and UNSW-NB15 datasets.
The FS outcomes of the GEO-FS system on the test dataset are displayed in
Table 1. The experimental values implied the GEO-FS method has accomplished enhanced performance over other models. For instance, on test NSL-KDD dataset, the OMLIDS-PBIoT technique has accomplished least good cost of 0.002218 with the selection of 13 features. Additionally, on test UNSW-NB15 dataset, the OMLIDS-PBIoT technique has established minimum best cost of 0.003095 with the selection of 20 features.
A detailed intrusion detection of the outcomes of the OMLIDS-PBIoT technique on the NSL-KDD dataset are portrayed in
Table 2 and
Figure 3. The outcomes denoted by the OMLIDS-PBIoT technique have classified samples under all classes effectively. For example, the OMLIDS-PBIoT technique has recognized samples under DoS attack with
,
,
, and
of 99.30%, 99.50%, 99.64%, and 99.57% respectively. Additionally, the OMLIDS-PBIoT technique has recognized samples under R2L attack with
,
,
, and
of 99.53%, 98.52%, 99.18%, and 99.21% correspondingly. At the same time, the OMLIDS-PBIoT technique has recognized samples under U2R attack with
,
,
, and
of 99.89%, 99.12%, 98.45%, and 99.54% individually. Moreover, the OMLIDS-PBIoT technique has recognized samples under normal attack with
,
,
, and
of 98.65%, 98.84%, 98.74%, and 99.07%, correspondingly.
The training accuracy (TA) and validation accuracy (VA) attained by the OMLIDS-PBIoT technique on NSL-KDD dataset is demonstrated in
Figure 4. The experimental outcome implied that the OMLIDS-PBIoT technique has gained maximum values of TA and VA. In specific, the VA seemed to be higher than TA.
The training loss (TL) and validation loss (VL) achieved by the OMLIDS-PBIoT technique on NSL-KDD dataset are established in
Figure 5. The experimental outcome inferred that the OMLIDS-PBIoT technique has accomplished least values of TL and VL. In specific, the VL seemed to be lower than TL.
A detailed intrusion detection outcome of the OMLIDS-PBIoT technique on the UNSW-NB15 dataset is displayed in
Table 3 and
Figure 6. The outcomes exposed that the OMLIDS-PBIoT technique has classified samples under all classes effectively. For example, the OMLIDS-PBIoT model has recognized samples under DoS attack with
,
,
, and
of 99.69%, 99.33%, 99.54%, and 99.74%, correspondingly. Eventually, the OMLIDS-PBIoT technique has recognized samples under Generic attack with
,
,
, and
of 99.58%, 99.78%, 98.78%, and 99.67%, correspondingly. In the meantime, the OMLIDS-PBIoT technique has recognized samples under U2R attack with
,
,
, and
of 99.609%, 99.43%, 98.58%, and 99.54%, correspondingly. Furthermore, the OMLIDS-PBIoT technique has recognized samples under normal attack with
,
,
, and
of 99.73%, 99.48%, 98.60%, and 99.65%, correspondingly.
The TA and VA gained by the OMLIDS-PBIoT technique on UNSW-NB15 dataset are shown in
Figure 7. The experimental outcome implied that the OMLIDS-PBIoT technique has gained maximal values of TA and VA. Particularly, the VA seemed to be higher than TA.
The TL and VL achieved by the OMLIDS-PBIoT techniques on UNSW-NB15 dataset are established in
Figure 8. The experimental outcome inferred that the OMLIDS-PBIoT technique has accomplished the least values of TL and VL. Specifically, the VL seemed to be less than TL.
Table 4 portrays an extensive comparison study of the OMLIDS-PBIoT technique with recent models in terms of different measures [
18].
Figure 9 offers a comparative
and
examination of the OMLIDS-PBIoT technique with existing models on test data. The results implied that the AKNN-IDS model has obtained lower
and
values of 0.9219 and 0.9376, respectively. Meanwhile, the DPCDBN-IDS and DT-IDS models have shown slightly improved values of
and
. Moreover, the PTDSAE-IDS, AB-IDS, and RF-IDS models have obtained moderately closer values of
and
. In line with this, the DBN-IDS, LSTM-IDS, and RNN-IDS models have accomplished reasonable
and
values. Though the AIMMFIDS model has shown near-optimal performance with
and
of 0.9946 and 0.9907, the presented OMLIDS-PBIoT technique has accomplished higher
and
of 0.9962 and 0.9950, respectively.
Figure 10 provides a comparative
and
inspection of the OMLIDS-PBIoT technique with existing techniques on test data. The results implied that the AKNN-IDS methodology has obtained lower
and
values of 0.9292 and 0.9199, respectively. In the meantime, the DPCDBN-IDS and DT-IDS methodologies have shown slightly improved values of
and
. Next, the PTDSAE-IDS, AB-IDS, and RF-IDS algorithms have gained moderately closer values of
and
. In accordance with this, the DBN-IDS, LSTM-IDS, and RNN-IDS methods have accomplished reasonable
and
values. Even though the AIMMFIDS system has displayed near-optimal performance with
and
of 0.9898 and 0.9936, the presented OMLIDS-PBIoT technique has accomplished higher
and
of 0.9931 and 0.9960, correspondingly.
Finally, a detailed computation time inspection of the OMLIDS-PBIoT technique with recent models takes place in
Table 5. The results implied that the AKNN-IDS, DT-IDS, AB-IDS, and RF-IDS, models have shown the least performance with maximum values of TRT. Additionally, the LSTM-IDS, RNN-IDS, PTDSAE-IDS, and DPCDBN-IDS models have demonstrated moderately closer values of TRT and TST. In line with this, the DBN-IDS model has shown a reasonable TRT of 61 s. At the same time, the AIMMFIDS model has demonstrated considerable TRT of 55 s. However, the OMLIDS-PBIoT technique has accomplished superior performance with minimal TRT of 35 s.
At the same time, the AKNN-IDS, DT-IDS, AB-IDS, and RF-IDS, models have displayed the least performance with maximal values of TST. Following this, the LSTM-IDS, RNN-IDS, PTDSAE-IDS, and DPCDBN-IDS methodologies have illustrated moderately closer values of TST and TST. In compliance with this, the DBN-IDS method has shown reasonable TST of 34 s. Meanwhile, the AIMMFIDS model has demonstrated considerable TST of 25 s. However, the OMLIDS-PBIoT technique has accomplished superior performance with a minimum TST of 20 s. From the detailed outcomes and discussion, it is clear that the OMLIDS-PBIoT technique has resulted in more enhanced outcomes than other models.