Presenting a Hybrid Model on Machine Learning and Principal Component Analysis for Action Detection in the Internet of Things
zahra shahpar
1
(
Department of Computer Engineering, Zabol Branch, Islamic Azad University, Zabol, Iran
)
Mohammadreza Badragheh
2
(
Department of Computer Engineering, Ferdows Branch, Islamic Azad University, Ferdows, Iran
)
Keywords: : IoT, Intrusion Detection System, Principal Component Analysis (PCA), Machine Learning,
Abstract :
With the rapid expansion of the Internet of Things and the increase in the number of devices connected to the Internet, the security of Internet of Things systems has become a serious challenge. Due to the easy access to these devices and existing security weaknesses, we are witnessing various attacks and an increasing penetration of these systems. One of the effective tools in dealing with these threats is intrusion detection systems. In this study, a hybrid model for intrusion detection in Internet of Things networks is presented that uses machine learning methods (logistic regression, support vector machine, nearest neighbor, random forest, decision tree, and multilayer neural network) along with principal component analysis (PCA) to reduce data dimensions. The proposed method was implemented and investigated on the UNSW-NB15 dataset. Based on the results obtained; The logistic regression model with a single-class accuracy of 97.84% and a multi-class accuracy of 89.81%, the support vector machine model with a single-class accuracy of 97.85% and a multi-class accuracy of 89.89%, the nearest neighbor model with a single-class accuracy of 98.31% and a multi-class accuracy of 88.55%, the decision tree model with a single-class accuracy of 98.11% and a multi-class accuracy of 85.45%, and the multilayer neural network model with a single-class accuracy of 98.39% and a multi-class accuracy of 89.94% have been able to identify different types of attacks. In particular, the results obtained indicate that the random forest model with a single-class accuracy of 98.63% and a multi-class accuracy of 89.06% has the best performance among the models. Also, the false positive rate was reduced to about 4% and the processing time was less than 1 millisecond. Comparison of the proposed method with other methods showed that the proposed method, with an accuracy of 84% provides significant improvement in accuracy, efficiency, and speed. Overall, the proposed model can be used as an effective and reliable method for detecting attacks in IoT networks, especially in resource-constrained environments
[1] S. Sadhwani, B. Manibalan, R. Muthalagu, and P. Pawar, "A lightweight model for DDoS attack detection using machine learning techniques," Applied Sciences, vol. 13, no. 17, p. 9937, 2023.
[2] T. Zhang, L. Gao, C. He, M. Zhang, B. Krishnamachari, and A. S. Avestimehr, "Federated learning for the internet of things: Applications, challenges, and opportunities," IEEE Internet of Things Magazine, vol. 5, no. 1, pp. 24-29, 2022.
[3] B. B. Zarpelão, R. S. Miani, C. T. Kawakani, and S. C. De Alvarenga, "A survey of intrusion detection in Internet of Things," Journal of Network and Computer Applications, vol. 84, pp. 25-37, 2017.
[4] M. Ahmid and O. Kazar, "A comprehensive review of the internet of things security," Journal of Applied Security Research, vol. 18, no. 3, pp. 289-305, 2023.
[5] N. Dat-Thinh, H. Xuan-Ninh, and L. Kim-Hung, "MidSiot: A multistage intrusion detection system for internet of things," Wireless Communications and Mobile Computing, vol. 2022, no. 1, p. 9173291, 2022.
[6] L. Strous, S. von Solms, and A. Zúquete, "Security and privacy of the Internet of Things," Computers & Security, vol. 102, p. 102148, 2021.
[7] S. Pandey and B. Bhushan, "Recent Lightweight cryptography (LWC) based security advances for resource-constrained IoT networks," Wireless Networks, vol. 30, no. 4, pp. 2987-3026, 2024.
[8] P. Fusco, A. Montefusco, G. P. Rimoli, F. Palmieri, and M. Ficco, "TinyML-Based Intrusion Detection System for Handling Class Imbalance in IoT-Edge Domain Using Siamese Neural Network on MCU," in International Conference on Advanced Information Networking and Applications, 2025: Springer, pp. 389-402.
[9] K. A. Da Costa, J. P. Papa, C. O. Lisboa, R. Munoz, and V. H. C. de Albuquerque, "Internet of Things: A survey on machine learning-based intrusion detection approaches," Computer Networks, vol. 151, pp. 147-157, 2019.
[10] E. Konstantopoulou, G. Athanasiou, and N. Sklavos, "Review and Analysis of FPGA and ASIC Implementations of NIST Lightweight Cryptography Finalists," ACM Computing Surveys, vol. 57, no. 10, pp. 1-35, 2025.
[11] H. Griffioen and C. Doerr, "Examining Mirai's battle over the Internet of Things," in Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020, pp. 743-756.
[12] M. Kintzlinger and N. Nissim, "Keep an eye on your personal belongings! The security of personal medical devices and their ecosystems," Journal of biomedical informatics, vol. 95, p. 103233, 2019.
[13] M. Ahmed, A. N. Mahmood, and J. Hu, "A survey of network anomaly detection techniques," Journal of Network and Computer Applications, vol. 60, pp. 19-31, 2016.
[14] A. A. Diro and N. Chilamkurti, "Distributed attack detection scheme using deep learning approach for Internet of Things," Future Generation Computer Systems, vol. 82, pp. 761-768, 2018.
[15] S. D. Babar and P. N. Mahalle, "A hash key-based key management mechanism for cluster-based wireless sensor network," Journal of Cyber Security and Mobility, pp. 73-88, 2016.
[16] A. Fatani, A. Dahou, M. A. Al-Qaness, S. Lu, and M. A. Elaziz, "Advanced feature extraction and selection approach using deep learning and Aquila optimizer for IoT intrusion detection system," Sensors, vol. 22, no. 1, p. 140, 2021.
[17] R. A. Disha and S. Waheed, "Performance analysis of machine learning models for intrusion detection system using Gini Impurity-based Weighted Random Forest (GIWRF) feature selection technique," Cybersecurity, vol. 5, no. 1, p. 1, 2022.
[18] M. Mohy-Eddine, A. Guezzaz, S. Benkirane, and M. Azrour, "An effective intrusion detection approach based on ensemble learning for IIoT edge computing," Journal of Computer Virology and Hacking Techniques, vol. 19, no. 4, pp. 469-481, 2023.
[19] R. S. Tiwari, D. Lakshmi, T. K. Das, A. K. Tripathy, and K.-C. Li, "A lightweight optimized intrusion detection system using machine learning for edge-based IIoT security," Telecommunication Systems, pp. 1-20, 2024.
[20] M. J. Awan et al., "Real-time DDoS attack detection system using big data approach," Sustainability, vol. 13, no. 19, p
[21] W. Elmasry, A. Akbulut, and A. H. Zaim, "A Design of an Integrated Cloud-based Intrusion Detection System with Third Party Cloud Service" Open Computer Science, vol. 11, no. 1, 2021, pp. 365-379. https://doi.org/10.1515/comp-2020-0214.
[22] M. Sarhan, S. Layeghy, N. Moustafa, and M. Portmann, "Netflow datasets for machine learning-based network intrusion detection systems," in Big Data Technologies and Applications: 10th EAI International Conference, BDTA 2020, and 13th EAI International Conference on Wireless Internet, WiCON 2020, Virtual Event, December 11, 2020, Proceedings 10, 2021: Springer, pp. 117-135.
[23] M. S. M. AL-inizi, Y. T. Alzubaidi, S. H. Oleiwi, N. A. A. Zahra, and J. F. Yonan, "Improvement Networks Intrusion Detection System Using Artificial Neural Networks (ANN)," in International Conference On Innovative Computing And Communication, 2024: Springer, pp. 571-587.