2690-6791ISSN (Online)
2769-786XISSN (Print)
Volume 18 , Issue 1 , PP: 140-149, 2026 | Cite this article as | XML | Html | PDF | Full Length Article
Wisam Ali Hussein Salman 1 *
Doi: https://doi.org/10.54216/JISIoT.180110
Due to the huge number of devices that connect to Internet of Things (IoT) networks, these networks have become the main nerve of the organizations that use them due to the large services that the networks provide to companies. In recent years, the number of attacks targeting IoT networks to shut down or violate data privacy has increased, so system developers must build strong protection systems to keep those networks secure. Intrusion detection systems (IDS) and intrusion prevention systems (IPS) are one of the most promising protection systems in securing these networks, but they suffer from several challenges, including high false positive alarms (FPA) and false negative alarms (FNA), in addition to the difficulty of controlling the long-time chains of incoming and outgoing traffic in IoT networks. This paper presents a distributed intrusion detection system (DIDS) based on the use of deep learning algorithms, specifically the enhanced long short-term memory (LSTM) algorithm with the gradient repeating unit (GRU) algorithm, as well as the use of a modern dataset collected from real network data called CICIOT2023. To adjust the threshold and achieve a balanced approach to the detection of anomalies, a hybrid model of the Enhanced Peak Density (DPC) aggregation algorithm with ROC curve analysis was used. The proposed work's main innovation is the combination of top-k feature selection with a hybrid LSTM-GRU architecture optimized for imbalanced datasets using focal loss, SMOTE, and dynamic class weighting. As a result, the intrusion detection pipeline is strong and effective. To evaluate the functioning of the system, standard performance metrics such as AUC-ROC, accuracy, F1-score, and recall were used, as the proposed system proved to be a powerful solution to prevent complex attacks targeting IoT networks as well as the possibility of detecting rare and modern attacks. The proposed model achieved promising results with accurate results reaching (96.0%) and a false negative rate (FNR) of 0.049% and a false positive rate (FPR) of 0.014%.
Intrusion detection system , Intrusion prevention system , Machine learning , Deep learning , Artificial intelligent , Long short-term memory , Gradient repeating unit
[1] S. Yaras and M. Dener, "IoT-Based Intrusion Detection System Using New Hybrid Deep Learning Algorithm," Advances in Science and Technology Research Journal (ASTRJ), vol. 14, pp. 771-779, 2024. doi: 10.3390/electronics.
[2] M. Nuaimi, L. C. Fourati, and B. Ben Hamed, "Intelligent approaches toward intrusion detection systems for Industrial Internet of Things: A systematic comprehensive review," Journal of Network and Computer Applications, vol. 215, pp. 103-117, 2023. doi: 10.1016/j.jnca.2023.103637.
[3] S. H. Abbas, W. A. K. Naser, and A. A. Kadhim, "Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)," Global Journal of Engineering and Technology Advances, vol. 14, no. 2, pp. 155-158, 2023.
[4] L. Yang and A. Shami, "An open source code for Intrusion Detection System development using Machine Learning," Software Impacts, vol. 14, 2022. doi: 10.1016/j.simpa.2022.100446.
[5] R. Khushal and U. Fatima, "Fuzzy machine learning logic utilization on hormonal imbalance dataset," Computers in Biology and Medicine, vol. 174, 2024. doi: 10.1016/j.compbiomed.2024.108429.
[6] G. Li and J. J. Jung, "Deep learning for anomaly detection in multivariate time series: Approaches, applications, and challenges," Information Fusion, vol. 91, pp. 93-102, 2023. doi: 10.1016/j.inffus.2022.10.008.
[7] W. Wang, Y.-j. Du, K.-w. Chau, C.-T. Cheng, D.-m. Xu, and W.-T. Zhuang, "Evaluating The Performance of Several Data Preprocessing Methods Based On GRU in Forecasting Monthly Runoff Time Series," Advances in Science and Technology Research Journal (ASTRJ), vol. 3, 2021. doi: 10.21203/rs.3.rs-868259/v1.
[8] N. F. Syed, M. Ge, and Z. Baig, "Fog-cloud based intrusion detection system using Recurrent Neural Networks and feature selection for IoT networks," Computer Networks, vol. 225, 2023. doi: 10.1016/j.comnet.2023.109662.
[9] S. M. Kasongo, "A deep learning technique for intrusion detection system using a Recurrent Neural Networks based framework," Computer Communications, vol. 199, pp. 113-125, 2023. doi: 10.1016/j.comcom.2022.12.010.
[10] S. Hochreiter and J. Schmidhuber, "LONG SHORT-TERM MEMORY," Neural Computation, vol. 9, no. 8, pp. 1735-1780, 1997.
[11] M. Moukhafi, M. Tantaoui, I. Chana, and A. Bouazi, "Intelligent intrusion detection through deep autoencoder and stacked long short-term memory," International Journal of Electrical and Computer Engineering, vol. 14, no. 3, pp. 2908-2917, 2024. doi: 10.11591/ijece.v14i3.pp2908-2917.
[12] S. E. Vadakkethil, K. Polimetla, S. Velpula, P. K. Pareek, and D. Sontakke, "Improved Whale Optimization Algorithm and Optimized Long Short-Term Memory for DDoS Cyber Security Threat," in Proceedings of the Third International Conference on Distributed Computing and Electrical Circuits and Electronics, 2024.
[13] A. Gueriani, H. Kheddar, and A. C. Mazari, "Enhancing IoT Security with CNN and LSTM-Based Intrusion Detection Systems," IEEE, vol. 1, 2024. doi: http://arxiv.org/abs/2405.18624.
[14] S. Ma et al., "Improved Seagull Optimization Algorithm to Optimize Neural Networks with Gated Recurrent Units for Network Intrusion Detection," in Proceedings of the 11th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, IDAACS, 2021, pp. 100–104. doi: 10.1109/IDAACS53288.2021.9660898.
[15] W. Wang, Y.-j. Du, K.-w. Chau, C.-T. Cheng, D.-m. Xu, and W.-T. Zhuang, "Evaluating The Performance of Several Data Preprocessing Methods Based On GRU in Forecasting Monthly Runoff Time Series," Research Square, 2021. doi: 10.21203/rs.3.rs-868259/v1.
[16] S. M., "Recognition of human activity using GRU deep learning algorithm," Multimedia Tools and Applications, vol. 82, no. 30, pp. 47733–47749, 2023. doi: 10.1007/s11042-023-15571-y.
[17] S. Nosouhian, F. Nosouhian, and A. K. Khoshouei, "A Review of Recurrent Neural Network Architecture for Sequence Learning: Comparison between LSTM and GRU," Preprints, vol. 1, 2021. doi: 10.20944/preprints202107.0252.v1.
[18] B. C. Mateus, M. Mendes, J. T. Farinha, and R. Assis, "Comparing LSTM and GRU models to predict the condition of a pulp paper press," Energies, vol. 14, no. 21, 2021. doi: 10.3390/en14216958.
[19] S. Nosouhian, F. Nosouhian, and A. K. Khoshouei, "A Review of Recurrent Neural Network Architecture for Sequence Learning: Comparison between LSTM and GRU," Preprints, vol. 23, 2021. doi: 10.20944/preprints202107.0252.v1.
[20] H. R. Sayegh, W. Dong, and A. M. Al-madani, "Enhanced Intrusion Detection with LSTM-Based Model, Feature Selection, and SMOTE for Imbalanced Data," Applied Sciences (Switzerland), vol. 14, no. 2, 2024. doi: 10.3390/app14020479.
[21] W.-c. Wang, Y.-j. Du, K.-w. Chau, C.-T. Cheng, D.-m. Xu, and W.-T. Zhuang, "Evaluating The Performance of Several Data Preprocessing Methods Based On GRU in Forecasting Monthly Runoff Time Series," Research Square, 2021. doi: 10.21203/rs.3.rs-868259/v1.
[22] S. Shakeela, N. S. Shankar, P. M. Reddy, T. T. T. Tulasi, and M. M. Koneru, "Optimal ensemble learning based on distinctive feature selection by univariate ANOVA-F statistics for IDS," International Journal of Electronics and Telecommunications, vol. 67, no. 2, pp. 267–275, 2021. doi: 10.24425/ijet.2021.135975.
[23] M. J. Siraj, T. Ahmad, and R. M. Ijtihadie, "Analyzing ANOVA F-test and Sequential Feature Selection for Intrusion Detection Systems," International Journal of Advances in Soft Computing and Its Applications, vol. 14, no. 2, pp. 185–194, 2022. doi: 10.15849/IJASCA.220720.13.
[24] A. M. Carrington, D. G. Manuel, P. W. Fieguth, T. Ramsay, and V. Osmani, "Deep ROC Analysis and AUC as Balanced Average Accuracy, for Improved Classifier Selection, Audit and Explanation," IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 45, no. 1, pp. 329–341, 2023. doi: 10.1109/TPAMI.2022.3145392.
[25] G. Kumar, "Evaluation Metrics for Intrusion Detection Systems-A Study," International Journal of Computer Science and Mobile Applications, vol. 2, pp. 11–17, 2014.
