REAL

Framework for Intrusion Detection in IoT Networks: Dataset Design and Machine Learning Analysis

Lmkaiti, Mansour and Larhlimi, Ibtissam and Lachgar, Maryem and Moudni, Houda and Mouncif, Hicham (2025) Framework for Intrusion Detection in IoT Networks: Dataset Design and Machine Learning Analysis. INFOCOMMUNICATIONS JOURNAL, 17 (2). pp. 61-71. ISSN 2061-2079

InfocomJournal_2025_2_8.pdf - Published Version

Abstract

This study explores the development of robust Intrusion Detection Systems (IDS) to enhance cybersecurity in Wireless Sensor Networks (WSNs) within the evolving Internet of Things (IoT) ecosystem. It leverages a publicly available dataset derived from UNSW-NB15, retrieved from a GitHub repository, capturing diverse network traffic attributes (dttl, swin, dwin, tcprtt, synack, ackdat), protocol-specific indicators (proto tcp, proto udp), and service-specific attributes (service dns). These features enable precise analysis of TCP/IP headers and traffic patterns, supporting multi-class classification into four categories: Analysis, Denial of Service (DoS), Exploits, and Normal. Advanced machine learning algorithms, including Random Forest, Support Vector Machines (SVM), and K-Nearest Neighbors (KNN), were applied with systematic preprocessing (including KNN-based imputation, normalization, and one-hot encoding), feature selection using Random Forest importance, and 5-fold cross-validation. The best performance was achieved by Random Forest (accuracy, precision, recall, and F1-score of 99.9877%), followed by KNN (99.9754%) and SVM (99.9630%). The study demonstrates that combining well-structured models with relevant protocol-level features and robust evaluation strategies can significantly enhance intrusion detection capabilities in IoT-based environments. It reinforces the value of using modern public datasets and interpretable algorithms for building scalable and reliable IDS solutions.

Item Type: Article
Subjects: Q Science / természettudomány > QA Mathematics / matematika > QA76.527 Network technologies / Internetworking / hálózati technológiák, hálózatosodás
SWORD Depositor: MTMT SWORD
Depositing User: MTMT SWORD
Date Deposited: 11 Aug 2025 08:34
Last Modified: 11 Aug 2025 08:34
URI: https://real.mtak.hu/id/eprint/222212
