An Efficient Distributed Intrusion Detection System that Combines Traditional Machine Learning Techniques with Advanced Deep Learning
Abstract
The Internet of Things (IoT), as a network of connected devices, enhances modern life but also introduces significant security vulnerabilities. Addressing these challenges requires intelligent and adaptive cybersecurity systems to ensure secure communication and protection against emerging threats. Among these systems, intrusion detection systems (IDSs) play a vital role in safeguarding IoT environments by continuously monitoring network traffic, detecting abnormal activities, and identifying or preventing unauthorized access and denial-of-service (DoS) attacks. However, despite their importance, IDSs face several limitations, including high false positive and false negative rates, delayed response times to security incidents, and substantial consumption of device resources.
This paper proposes a framework for designing and implementing a hybrid distributed intrusion detection system (DIDS) that combines traditional machine learning and advanced deep learning techniques. The model uses the random forest (RF) algorithm for feature selection (FS) and principal component analysis (PCA) for dimensionality reduction. Additionally, it integrates enhanced deep learning (DL) approaches, including an improved density peak clustering (DPC) algorithm for optimized feature representation and an enhanced long short-term memory (LSTM) algorithm for classification and model training. The proposed model is evaluated on the CICIOT2023 dataset, which reflects realistic network communication behavior alongside synthetically generated attack activities. The experimental results demonstrate a significant improvement in detection accuracy, achieving a detection rate of 97.88% while maintaining efficient resource consumption, making the system suitable for distributed deployment to monitor network traffic and generate alerts in the event of an attack.
This work is licensed under a Creative Commons Attribution 4.0 International License.