Making a Real-Time IoT Network Intrusion-Detection System (INIDS) Using a Realistic BoT–IoT Dataset with Multiple Machine-Learning Classifiers

Jawad Ashraf; Ghulam Musa Raza; Byung-Seo Kim; Abdul Wahid; Hye-Young Kim

doi:10.3390/app15042043

Applied Sciences (Feb 2025)

Making a Real-Time IoT Network Intrusion-Detection System (INIDS) Using a Realistic BoT–IoT Dataset with Multiple Machine-Learning Classifiers

Jawad Ashraf,
Ghulam Musa Raza,
Byung-Seo Kim,
Abdul Wahid,
Hye-Young Kim

Affiliations

Jawad Ashraf: School of Electrical Engineering and Computer Science, National University of Sciences and Technology, Islamabad 44000, Pakistan
Ghulam Musa Raza: Department of Software and Communications Engineering, Hongik University, Sejong 30016, Republic of Korea
Byung-Seo Kim: Department of Software and Communications Engineering, Hongik University, Sejong 30016, Republic of Korea
Abdul Wahid: School of Computer Science, University of Birmingham, Birmingham B15 2TT, UK
Hye-Young Kim: Department of Games, School of Games, Hongik University, Sejong 30016, Republic of Korea

DOI: https://doi.org/10.3390/app15042043
Journal volume & issue: Vol. 15, no. 4
p. 2043

Abstract

Read online

Cyber-attacks have become a significant concern today, particularly in IoT environments where security poses a substantial challenge due to the distributed nature and heterogeneity of protocols. To efficiently detect threats in IoT networks, it is crucial to develop a robust intrusion-detection system (IDS) capable of identifying various modern and traditional attacks with high accuracy. Most existing machine-learning-based intrusion-detection systems for IoT have been trained using outdated datasets that do not accurately reflect IoT scenarios. Additionally, current research does not adequately address which machine-learning classifiers are most suitable for developing an efficient IDS in IoT environments. In our research, we have developed and trained a real-time intrusion-detection system for IoT networks that can detect multiple modern and traditional threats with high accuracy. We created seven instances of real-time IDS using state-of-the-art machine-learning algorithms, including Logistic Regression, Support Vector Machine, K-Nearest Neighbors, Decision Tree, Random Forest, Naïve Bayes, and Artificial Neural Networks. Using the Pearson Correlation Coefficient, we extracted the most relevant features from the BoT–IoT dataset. After rigorous preprocessing, we used these data to train our algorithms. Our trained model, INIDS, is not only up to date and real-time but also capable of accurately identifying multiple categories of attacks specifically related to IoT networks. To achieve maximum accuracy, instead of selecting only one classifier, we evaluated seven advanced machine-learning algorithms and provided a comprehensive comparison of their performance and efficiency in the context of IoT networks. This analysis can guide future researchers in choosing the right machine-learning algorithms for developing IDS. We found that Random Forest is the most robust classifier for IoT-based network intrusion-detection systems, achieving an accuracy of 99.2%. The second-best performer is Naïve Bayes, with an accuracy of 98.8%.

Published in Applied Sciences

ISSN: 2076-3417 (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Technology: Engineering (General). Civil engineering (General); Science: Biology (General); Science: Physics; Science: Chemistry
Website: http://www.mdpi.com/journal/applsci

About the journal

Abstract

Keywords