Anomaly Detection for the Internet of Things Using Machine Learning Techniques

Authors

  • Lotfi Hazzam Faculty of medicine - Ferhat abbas university Setif 1
  • Samir Fenanir Faculty of Science; Ferhat ABBAS Setif1

DOI:

https://doi.org/10.22399/ijcesen.4166

Keywords:

IoT Security, Intrusion Detection System (IDS), Machine Learning, Feature Selection, NSL-KDD, Cybersecurity

Abstract

The rapid growth of the Internet of Things (IoT) has introduced considerable security challenges, making Intrusion Detection Systems (IDS) essential for protecting connected devices from cyber threats. This paper presents an Artificial Intelligence (AI)-driven IDS designed for IoT environments, utilizing machine learning and anomaly detection techniques. The system leverages the NSL-KDD dataset to distinguish between normal and anomalous network traffic. We implemented multiple feature selection techniques, including correlation-based selection, Recursive Feature Elimination (RFE), and LASSO, to optimize model performance. Various machine learning classifiers, including Random Forest (RF), Bagging, Support Vector Machines (SVM), and K-Nearest Neighbors (KNN), were evaluated using key performance metrics such as accuracy, recall, precision, and AUC-ROC. Experimental results indicate that Random Forest and Bagging outperformed the other models in intrusion detection, achieving the highest accuracy of 99.89% with an AUC-ROC of 99.88%. Additionally, feature selection methods effectively reduced dataset dimensionality while maintaining high detection performance. Despite these promising results, challenges such as high training time, false positives, and real-time adaptability remain critical concerns for practical deployment in IoT systems.

Published

2025-12-11

How to Cite

Hazzam, L., & Fenanir, S. (2025). Anomaly Detection for the Internet of Things Using Machine Learning Techniques. International Journal of Computational and Experimental Science and Engineering, 11(4). https://doi.org/10.22399/ijcesen.4166

Section

Research Article