Mansour Lmkaiti, Ibtissam Larhlimi, Maryem Lachgar, Houda Moudni and Hicham Mouncif
Framework for Intrusion Detection in IoT Networks: Dataset Design and Machine Learning Analysis
This study explores the development of robust Intrusion Detection Systems (IDS) to enhance cybersecurity in Wireless Sensor Networks (WSNs) within the evolving Internet of Things (IoT) ecosystem. It leverages a publicly available dataset derived from UNSW-NB15, retrieved from a GitHub repository, capturing diverse network traffic attributes (dttl, swin, dwin, tcprtt, synack, ackdat), protocol-specific indicators (proto tcp, proto udp), and service-specific attributes (service dns). These features enable precise analysis of TCP/IP headers and traffic patterns, supporting multi-class classification into four categories: Analysis, Denial of Service (DoS), Exploits, and Normal. Advanced machine learning algorithms, including Random Forest, Support Vector Machines (SVM), and K-Nearest Neighbors (KNN), were applied with systematic preprocessing (including KNN-based imputation, normalization, and one-hot encoding), feature selection using Random Forest importance, and 5-fold cross-validation. The best performance was achieved by Random Forest (accuracy, precision, recall, and F1-score of 99.9877%), followed by KNN (99.9754%) and SVM (99.9630%). The study demonstrates that combining well-structured models with relevant protocol-level features and robust evaluation strategies can significantly enhance intrusion detection capabilities in IoT-based environments. It reinforces the value of using modern public datasets and interpretable algorithms for building scalable and reliable IDS solutions.
Reference:
DOI: 10.36244/ICJ.2025.2.8
Please cite this paper the following way:
Mansour Lmkaiti, Ibtissam Larhlimi, Maryem Lachgar, Houda Moudni and Hicham Mouncif "Framework for Intrusion Detection in IoT Networks: Dataset Design and Machine Learning Analysis", Infocommunications Journal, Vol. XVII, No 2, June 2025, pp. 61-71., https://doi.org/10.36244/ICJ.2025.2.8