Skip to main content
SpringerLink
Log in

Analysis of Intrusion Detection Using Ensemble Stacking-Based Machine Learning Techniques in IoT Networks

  • Conference paper
  • First Online:
Proceedings of the 2023 International Conference on Advances in Computing Research (ACR’23) (ACR 2023)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 700))

Included in the following conference series:

  • 381 Accesses

Abstract

In the past few years, numerous machine learning techniques have been employed in IoT networks to develop Intrusion Detection Systems (IDS) that differentiate abnormal activities caused by malicious intruders from the typical network behavior. Due to the large volume of data produced by IoT devices, it is challenging to perform real-time classification of data to find any abnormal patterns. Single classifier-based approaches are considered to be simple and straightforward but may not be able to capture all the relevant information in the data, leading to suboptimal performance. To overcome the weaknesses of single classifiers, it is often beneficial to use an ensemble of classifiers, such as a random forest or a gradient-boosted trees model, which can capture a wider range of patterns in the data and lead to improved performance. However, ensemble models can be computationally expensive to train especially when using large numbers of base classifiers making it difficult to scale the models to large datasets, such as of IoT. This paper presents a detailed empirical analysis of the comparative performance of single classifier versus ensemble models for intrusion detection in IoT networks by utilizing two benchmark datasets in the Internet of Things: NSL-KDD and UNSW-NB15. It has been observed that under certain conditions, the performance of single classifier-based IDS surpasses the ensemble stacking approaches. Moreover, training/testing dataset selection has a major impact on overall validation and testing performance of the models. Based on the empirical observations, we use a novel method known as ensemble stacking approach that outperforms the baselines for the selected datasets. The research provides a detailed insight into the impact of various classifiers and dataset features on the performance of IDS in IoT environments.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 189.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 249.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Atzoria, L., Iera, A., Morabito, G.: The internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)

    Article  MATH  Google Scholar 

  2. Kardi, A., Zagrouba, R.: Attacks classification and security mechanisms in wireless sensor networks. Adv. Sci. Technol. Eng. Syst. J. 4(6), 229–243 (2019)

    Article  Google Scholar 

  3. Jha, S., Nkenyereye, L., Joshi, G.P., Yang, E.: Mitigating and monitoring smart city using internet of things. Comput. Mater. Continua 65(2), 1059–1079 (2020)

    Article  Google Scholar 

  4. Abbas, S., Khan, M.A., Falcon Morales, L.E., Rehman, A., Mahmoud, M.E., Zeb, A.: Modelling, simulation and optimization of power plan energy sustainability for IoT enabled smart cities empowered with deep extreme leaning machine. IEEE Access 8(1), 39982–39997 (2020)

    Google Scholar 

  5. Alhajri, R., Zagrouba, R., Al-Haidari, F.: Survey for anomaly detection of IoT botnets using machine learning auto-encoders. Int. J. Appl. Eng. Res. 14(1), 2417–2421 (2019)

    Google Scholar 

  6. Ahmad, Z., Khan, A. S., Shiang, C. W., Abdullah, J., Ahmad, F.: Network intrusion detection system: a systematic study of machine learning and deep learning approaches. Emerg. Telecommun. Technol. 3(1), 70-99 (2020)

    Google Scholar 

  7. Javaid, U., Siang, A.K., Aman, M.N., Sikdar, B.: Mitigating loT device based DDoS attacks using blockchain. In: Proceedings of the 1st Workshop on Cryptocurrencies and Blockchains for Distributed Systems, vol. 1, no. 2, pp. 71–76 (2018)

    Google Scholar 

  8. Ting, P.Y., Tsai, J.L., Wu, T.S.: Signcryption method suitable for low-power IoT devices in a wireless sensor network. IEEE Syst. J. 12(3), 2385–2394 (2018)

    Article  Google Scholar 

  9. Moinet, A., Darties, B., Baril, J.L.: Blockchain based trust and authentication for decentralized sensor networks. Comput. Sci. Cryptogr. Secur. 1(1), 1–6 (2017)

    Google Scholar 

  10. Rashid, M., Kamruzzaman, J., Imam, T., Wibowo, S., Gordon, S.: A tree-based stacking ensemble technique with feature selection for network intrusion detection. Appl. Intell. 1(2), 9768–9781 (2022)

    Google Scholar 

  11. Bamhdi, A.M., Abrar, I., Masoodi, F.: An ensemble based approach for effective intrusion detection using majority voting. Telecommun. Comput. Electr. Control 19(2), 1–15 (2021)

    Google Scholar 

  12. Rajagopal, S., Kundapur, P.P., Hareesha, K.S.: A stacking ensemble for network intrusion detection using heterogeneous datasets. Secur. Commun. Netw. 2020(1), 1–9 (2020)

    Article  Google Scholar 

  13. Canadian Institute for Cybersecurity: NSL-KDD dataset [Online]. Available: https://www.unb.ca/cic/datasets/nsl.html. Accessed 24 Feb 2023

  14. The UNSW-NB15 Dataset. [Online]. Available: https://research.unsw.edu.au/projects/unsw-nb15-dataset. Accessed 24 Feb. 2023

  15. Zhang, H., Li, J.L., Liu, X.M., Dong, C.: Multi-dimensional feature fusion and stacking ensemble mechanism for network intrusion detection. Futur. Gener. Comput. Syst. 122(1), 130–143 (2021)

    Article  Google Scholar 

  16. Dutta, V., Choraś, M., Pawlicki, M., Kozik, R.: A deep learning ensemble for network anomaly and cyber-attack detection. MDPI 20(16), 1–15 (2020)

    Google Scholar 

  17. Khraisat, A., Gondal, I., Vamplew, P., Kamruzzaman, J., Alazab, A.: Hybrid intrusion detection system based on the stacking ensemble of C5 decision tree classifier and one class support vector machine. Electronics 9(1), 1–15 (2020)

    Article  Google Scholar 

  18. Soleymanzadeh, R., Aljasim, M., Qadeer, M.W.: Cyberattack and fraud detection using ensemble stacking. Artif. Intell. 3(1), 22–36 (2022)

    Google Scholar 

  19. Rahman, M.A., Asyhari, A.T., Wen, O.W., Ajra, H., Ahmed, Y., Anwar, F.: Effective combining of feature selection techniques for machine learning-enabled IoT intrusion detection. Multimed. Tools Appl. 80(20), 31381–31399 (2021). https://doi.org/10.1007/s11042-021-10567-y

    Article  Google Scholar 

  20. Kumar, P., Gupta, G.P., Tripathi, R.: A distributed ensemble design based intrusion detection system using fog computing to protect the internet of things networks. J. Ambient. Intell. Humaniz. Comput. 12(1), 9555–9572 (2020). https://doi.org/10.1007/s12652-020-02696-3

    Article  Google Scholar 

  21. Abdulrahaman, M. D., Alhassan, J.K.: Ensemble learning approach for the enhancement of performance of intrusion detection system. In: International Conference on Information and Communication Technology and its Application, vol. 2, no. 1, pp. 1–14 (2018)

    Google Scholar 

  22. Illy, P., Kaddoum, G., Mirand, C.: Securing fog-to-things environment using intrusion detection system based on ensemble learning. In: IEEE Wireless Communications and Networking Conference (WCNC), vol. 12, no. 4, pp. 1–7 (2019)

    Google Scholar 

  23. Verma, A., Ranga, V.: Machine learning based intrusion detection systems for IoT applications. Wirel. Pers. Commun. 16(3), 2287–2310 (2019). https://doi.org/10.1007/s11277-019-06986-8

    Article  Google Scholar 

  24. Li, X., et al.: Sustainable ensemble learning driving intrusion detection model. IEEE Trans. Dependable Secure Comput. 18(4), 1591–1604 (2021)

    Google Scholar 

  25. Attota, D.C., Mothukuri, V., Parizi, R.M., Pouriyeh, S.: An ensemble multi-view federated learning intrusion detection for IoT. IEEE Access 9(3), 117734–117745 (2021)

    Google Scholar 

  26. Abbas, A., Khan, M.A., Latif, S., Ajaz, M., Shah, A.A., Ahmad, J.: A new ensemble-based intrusion detection system for internet of things. Arab. J. Sci. Eng. 47, 1–15 (2021). https://doi.org/10.1007/s13369-021-06086-5

    Article  Google Scholar 

  27. Ahmad, M., Riaz, Q., Zeeshan, M., Tahir, H., Haider, S.A., Khan, M.S.: Intrusion detection in internet of things using supervised machine learning based on application and transport layer features using UNSW-NB15 data-set. Wirel. Commun. Netw. 10(1), 1–23 (2021). https://doi.org/10.1186/s13638-021-01893-8

    Article  Google Scholar 

  28. Yin, Y., Jaccard, J.J., Singh, A., Zhu, J., Sabrina, F., Kwak, J.: IGRF-RFE: a hybrid feature selection method for MLP-based network intrusion detection on UNSW-NB15 dataset. J. Big Data 10(2), 1–26 (2023)

    Google Scholar 

  29. Gad, A.R., Nashat, A.A., Barkat, T.A.: Intrusion detection system using machine learning for vehicular ad hoc networks based on ToN-IoT dataset. IEEE Access 9(3), 1–12 (2021)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Artificial Intelligence Research Center (AIRC), Ajman University, Ajman, UAE

    Rao Naveed Bin Rais

  2. Department of Computer Science, COMSATS University Islamabad (CUI), Islamabad, Pakistan

    Osman Khalid, Jazib-e Nazar & Muhammad Usman Shahid Khan

Authors
  1. Rao Naveed Bin Rais
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Osman Khalid
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jazib-e Nazar
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Muhammad Usman Shahid Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rao Naveed Bin Rais .

Editor information

Editors and Affiliations

  1. University of Detroit Mercy, Detroit, MI, USA

    Kevin Daimi

  2. Charles Sturt University, Sydney, NSW, Australia

    Abeer Al Sadoon

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Rais, R.N.B., Khalid, O., Nazar, Je., Khan, M.U.S. (2023). Analysis of Intrusion Detection Using Ensemble Stacking-Based Machine Learning Techniques in IoT Networks. In: Daimi, K., Al Sadoon, A. (eds) Proceedings of the 2023 International Conference on Advances in Computing Research (ACR’23). ACR 2023. Lecture Notes in Networks and Systems, vol 700. Springer, Cham. https://doi.org/10.1007/978-3-031-33743-7_27

Download citation

Publish with us

Policies and ethics

Search

Navigation