Robust Intrusion Detection System Using an Improved Hybrid Deep Learning Model for Binary and Multi-Class Classification in IoT Networks

Robust Intrusion Detection System Using an Improved Hybrid Deep Learning Model for Binary and Multi-Class Classification in IoT Networks

The rapid expansion of internet of things (IoT) applications has significantly boosted productivity and streamlined daily activities. However, this widespread adoption has also introduced considerable security challenges, making IoT environments vulnerable to large-scale botnet attacks. These attack...

Full description

Saved in:
Bibliographic Details
Main Authors: Hesham Kamal, Maggie Mashaly
Format: Article
Language:English
Published: MDPI AG 2025-03-01
Series:Technologies
Subjects:
ADASYN
CNN-MLP
deep learning
DL
DNN
ENN
Online Access:https://www.mdpi.com/2227-7080/13/3/102
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The rapid expansion of internet of things (IoT) applications has significantly boosted productivity and streamlined daily activities. However, this widespread adoption has also introduced considerable security challenges, making IoT environments vulnerable to large-scale botnet attacks. These attacks have often succeeded in achieving their malicious goals, highlighting the urgent need for robust detection strategies to secure IoT networks. To overcome these obstacles, this research presents an innovative anomaly-driven intrusion detection approach specifically tailored for IoT networks. The proposed model employs an advanced hybrid architecture that seamlessly integrates convolutional neural networks (CNN) with multilayer perceptron (MLP), enabling precise detection and classification of both binary and multi-class IoT network traffic. The CNN component is responsible for extracting and enhancing features from network traffic data and preparing these features for effective classification by the MLP, which handles the final classification task. To further manage class imbalance, the model incorporates the enhanced hybrid adaptive synthetic sampling-synthetic minority oversampling technique (ADASYN-SMOTE) for binary classification, advanced ADASYN for multiclass classification, and employs edited nearest neighbors (ENN) alongside class weights. The CNN-MLP architecture is meticulously crafted to minimize erroneous classifications, enhance instantaneous threat detection, and precisely recognize previously unseen cyber intrusions. The model’s effectiveness was rigorously tested using the IoT-23 and NF-BoT-IoT-v2 datasets. On the IoT-23 dataset, the model achieved 99.94% accuracy in two-stage binary classification, 99.99% accuracy in multiclass classification excluding the normal class, and 99.91% accuracy in single-phase multiclass classification including the normal class. Utilizing the NF-BoT-IoT-v2 dataset, the model attained an exceptional 99.96% accuracy in the dual-phase binary classification paradigm, 98.02% accuracy in multiclass classification excluding the normal class, and 98.11% accuracy in single-phase multiclass classification including the normal class. The results demonstrate that our model consistently delivers high levels of accuracy, precision, recall, and F1 score across both binary and multiclass classifications, establishing it as a robust solution for securing IoT networks.
ISSN:2227-7080

Similar Items