Smart deep learning model for enhanced IoT intrusion detection

Growing volumes and sensitivities of information in the growing IoT require strong cybersecurity measures to adequately counter increasingly sophisticated cyberattacks. Machine learning-based anomaly detection has the potential to be a viable solution through abnormal network traffic behavior identi...

Full description

Saved in:
Bibliographic Details
Published in:Scientific reports Vol. 15; no. 1; pp. 20577 - 23
Main Author: Alsubaei, Faisal S.
Format: Journal Article
Language:English
Published: London Nature Publishing Group UK 01.07.2025
Nature Portfolio
Subjects:
639/166
639/705
692/1807
Cyber security
Humanities and Social Sciences
Internet of things (IoT)
Intrusion detection
Intrusion detection systems (IDS)
multidisciplinary
Optimized sequential neural network
Optimized XGBoost
Science
Science (multidisciplinary)
Intrusion detection systems (IDS)
Optimized sequential neural network
Optimized XGBoost
Cyber security
Intrusion detection
Internet of things (IoT)
ISSN:2045-2322, 2045-2322
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Growing volumes and sensitivities of information in the growing IoT require strong cybersecurity measures to adequately counter increasingly sophisticated cyberattacks. Machine learning-based anomaly detection has the potential to be a viable solution through abnormal network traffic behavior identification that foretells intrusions. Existing approaches, however, are usually hampered by the inability to effectively counter the sophisticated and evolving nature of such threats, especially in preprocessing optimization and hyperparameter tuning, which typically adopt conventional machine learning and deep learning models. This paper addresses these limitations with large preprocessing steps followed by hyperparameter tuning of machine learning XGBoost and deep learning Sequential Neural Network (OSNN) algorithms through Grid Search for their best values to improve multiclass intrusion detection across varied datasets. These deep models were then augmented with a variety of various filters, kernels, activation functions, and regularization techniques in an attempt to boost them in detecting complex, multiclass intrusion patterns. The proposed system was tested comprehensively on three challenging datasets: NSL-KDD, UNSW-NB15, and CICIDS2017. The optimized XGBoost model worked exceptionally well on the NSL-KDD dataset with very high accuracy (99.93%), F1-score (99.84%), MCC (99.86%), and a very low FPR (0.0004). The optimized SNN model also performed well on the NSL-KDD dataset with an accuracy of 99.0% and an AUC of 1.00. Also, the OSNN model performed very well on UNSW-NB15 dataset with an accuracy of 96.80% and a loss of 0.0777, as well as on the CICIDS-2017 dataset with an accuracy of 99.53% and a loss of 0.0236. This superb performance of the OSNN model can be explained by the careful optimization of hyperparameters like strong activation functions (ReLU, GeLU, LeakyReLU), learning rates, dropout rates, and regularization techniques that enable it to learn intricate intrusion patterns efficiently using various datasets. These results highlight the potential of our proposed method to enhance intrusion detection, system integrity, fraud prevention, and ultimately optimize overall network performance.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 23
ISSN:2045-2322
2045-2322
DOI:10.1038/s41598-025-06363-5