Volume 17, Issue 2, pp. 369-391, 2025 | Full Length Article
M. Sindhuja 1*, Noorfazila Kamal 2, Kalaivani Chellappan 3
DOI: https://doi.org/10.54216/JISIoT.170224
The rapid expansion of Internet of Things (IoT) devices has significantly amplified cybersecurity risks, thereby necessitating advanced anomaly detection mechanisms. This research introduces a hybrid detection framework tailored for IoT networks, combining deep learning architectures with bio-inspired optimization techniques. At the core of the framework lies the IoT Autoencoder-Based Feature Extraction Network (IoTAE-FEN), designed to minimize data dimensionality while preserving key discriminative features. To further refine the selected attributes, a Binary Multi-Objective Enhanced Gray Wolf Optimization (BMOEGWO) strategy, modeled on the cooperative hunting behavior of gray wolves, is employed. For the classification phase, Random Forest (RF) is integrated, resulting in the proposed AE-BMOEGWO-RF hybrid model. The effectiveness of this approach was validated on benchmark datasets, including NSL-KDD and TON-IoT. Experimental findings highlight a feature selection accuracy of 96.85% on the TON-IoT dataset and an overall classification performance of 97.81% on NSL-KDD. Comparative evaluations against existing techniques underscore the framework’s superior detection capability, emphasizing its potential to strengthen IoT network security by addressing longstanding challenges in feature extraction and selection for anomaly detection.
Anomaly Detection, Autoencoder, Feature Extraction, Hybrid Model, Optimization, Internet of Things, Nature-Inspired Computing, Cybersecurity, Gray Wolf Optimization