IOT DATA-DRIVEN INTRUSION DETECTION: HARNESSING ENSEMBLE TECHNIQUES FOR ENHANCED SECURITY

Abstract

With the current developments in IoT devices in the modern business environment, there exists a virtuous link between various areas and a notable improvement in processing information. That is, while the increase in IoT networks has brought these benefits in the last couple of years, it has also presented security issues with the major one being on how to shield IoT networks from potential unauthorized access. This thesis aims to design an efficient IDS intended for the identification and prevention of security threats in real-time by integrating the benefits of ML and DL methodologies. The contributions of this work are that this study for the first time has proposed an ensemble learning model for enhancing IDS in IoT environments using SVM, RF, and KNN, which outperforms the conventional ML and DL IDS. The research starts with the analysis of the existing literature to determine the shortcomings of the conventional IDS methods and discuss the prospect of using ML and DL for IDS improvement. Collection of data from IoT devices and its initial processing and application of the discussed models, namely, SVM, Decision trees, Random forests, CNN, and LSTM are described. The experimental results shown in the study showed that the proposed ensemble learning model had the highest accuracy of 0. 89, precision of 0. 90, recall of 0. 88, recall rate of 92, Precision rate of 92, and F1 score of 0. 87. However, most of the individual deep learning models such as CNN and LSTM had comparatively low accuracy of 0. 63 and 0. 52 and 65, respectively, for our models when no hyperparameter tuning has been done. In this research, the proposed IDS has a strong ensemble learning framework of individual ML models that has not been investigated and established before. The proposed ensemble framework increases the accuracy and generalization capabilities while decreasing false alarms making it a more accurate and scalable solution for real-time IoT intrusion detection. It also presents ideas for future work to enhance the results using more efficient computation and to look at future work that combines both types of models. Last of all, as part of the discussions made in this paper, recommendations to improve advanced IDS solutions are provided to increase the protection of IoT networks against future cyber threats.