Ensemble Learning approach to Enhancing Binary Classification in Intrusion Detection System for Internet of Things
Abstract
The Internet of Things (IoT) has experienced significant growth and plays a crucial role in daily activities. However, along with its development, IoT is very vulnerable to attacks and raises concerns for users. The Intrusion Detection System (IDS) operates efficiently to detect and identify suspicious activities within the network. The primary source of attacks originates from external sources, specifi-cally from the internet attempting to transmit data to the host network. IDS can identify unknown attacks from network traffic and has become one of the most effective network security. Classification is used to distinguish between normal class and attacks in binary classification problem. As a result, there is a rise in the false positive rates and a decrease in the detection accuracy during the model's training. Based on the test results using the ensemble technique with the ensemble learning XGBoost and LightGBM algorithm, it can be concluded that both binary classification problems can be solved. The results using these ensemble learning algorithms on the ToN IoT Dataset, where binary classification has been performed by combining multiple devices into one, have demonstrated improved accuracy. Moreover, this ensemble approach ensures a more even distribution of accuracy across each device, surpassing the findings of previous research.
References
M. A. Khan et al., “Voting Classifier-Based Intrusion Detection for IoT Networks,” pp. 313–328, 2022, doi: 10.1007/978-981-16-5559-3_26.
A. Azmoodeh, A. Dehghantanha, and K. K. R. Choo, “Robust Malware Detection for Internet of (Battlefield) Things Devices Using Deep Eigenspace Learning,” IEEE Trans. Sustain. Comput., vol. 4, no. 1, pp. 88–95, 2019, doi: 10.1109/TSUSC.2018.2809665.
M. M. Islam, A. Rahaman, and M. R. Islam, “Development of Smart Healthcare Monitoring System in IoT Environment,” SN Comput. Sci., vol. 1, no. 3, pp. 1–11, 2020, doi: 10.1007/s42979-020-00195-y.
G. Mois, S. Folea, and T. Sanislav, “Analysis of Three IoT-Based Wireless Sensors for Environmental Monitoring,” IEEE Trans. Instrum. Meas., vol. 66, no. 8, pp. 2056–2064, 2017, doi: 10.1109/TIM.2017.2677619.
E. Sisinni, A. Saifullah, S. Han, U. Jennehag, and M. Gidlund, “Industrial internet of things: Challenges, opportunities, and directions,” IEEE Trans. Ind. Informatics, vol. 14, no. 11, pp. 4724–4734, 2018, doi: 10.1109/TII.2018.2852491.
L. Nie et al., “Intrusion Detection in Green Internet of Things: A Deep Deterministic Policy Gradient-Based Algorithm,” IEEE Trans. Green Commun. Netw., vol. 5, no. 2, pp. 778–788, 2021, doi: 10.1109/TGCN.2021.3073714.
G. Falco, C. Caldera, and H. Shrobe, “IIoT Cybersecurity Risk Modeling for SCADA Systems,” IEEE Internet Things J., vol. 5, no. 6, pp. 4486–4495, 2018, doi: 10.1109/JIOT.2018.2822842.
E. Farzadnia, H. Shirazi, and A. Nowroozi, “A novel sophisticated hybrid method for intrusion detection using the artificial immune system,” J. Inf. Secur. Appl., vol. 58, no. February, p. 102721, 2021, doi: 10.1016/j.jisa.2020.102721.
A. H. Azizan et al., “A machine learning approach for improving the performance of network intrusion detection systems,” Ann. Emerg. Technol. Comput., vol. 5, no. Special issue 5, pp. 201–208, 2021, doi: 10.33166/AETiC.2021.05.025.
N. Moustafa, M. Ahmed, and S. Ahmed, “Data Analytics-enabled Intrusion Detection: Evaluations of ToN IoT Linux Datasets,” in Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020, 2020, pp. 727–735, doi: 10.1109/TrustCom50675.2020.00100.
J. Liu, Y. Gao, and F. Hu, “A fast network intrusion detection system using adaptive synthetic oversampling and LightGBM,” Comput. Secur., vol. 106, p. 102289, 2021, doi: 10.1016/j.cose.2021.102289.
A. Kumar, A. Abdelhadi, and C. Clancy, “Novel anomaly detection and classification schemes for Machine-to-Machine uplink,” in Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018, 2019, pp. 1284–1289, doi: 10.1109/BigData.2018.8622142.
B. Cao, C. Li, Y. Song, and X. Fan, “Network Intrusion Detection Technology Based on Convolutional Neural Network and BiGRU,” Comput. Intell. Neurosci., vol. 2022, 2022, doi: 10.1155/2022/1942847.
P. Kumar, G. P. Gupta, and R. Tripathi, “An ensemble learning and fog-cloud architecture-driven cyber-attack detection framework for IoMT networks,” Comput. Commun., vol. 166, pp. 110–124, 2021, doi: https://doi.org/10.1016/j.comcom.2020.12.003.
A. Alsaedi, N. Moustafa, Z. Tari, A. Mahmood, and A. N. Anwar, “TON-IoT telemetry dataset: A new generation dataset of IoT and IIoT for data-driven intrusion detection systems,” IEEE Access, vol. 8, pp. 165130–165150, 2020, doi: 10.1109/ACCESS.2020.3022862.
A. R. Gad, A. A. Nashat, and T. M. Barkat, “Intrusion Detection System Using Machine Learning for Vehicular Ad Hoc Networks Based on ToN-IoT Dataset,” IEEE Access, vol. 9. pp. 142206–142217, 2021, doi: 10.1109/ACCESS.2021.3120626.
N. Mane, A. Verma, and A. Arya, “A Pragmatic Optimal Approach for Detection of Cyber Attacks using Genetic Programming,” in 20th IEEE International Symposium on Computational Intelligence and Informatics, CINTI 2020 - Proceedings, 2020, pp. 71–76, doi: 10.1109/CINTI51262.2020.9305844.
A. O. Alzahrani and M. J. F. Alenazi, “Designing a network intrusion detection system based on machine learning for software defined networks,” Futur. Internet, vol. 13, no. 5, 2021, doi: 10.3390/fi13050111.
P. Kumar, G. P. Gupta, and R. Tripathi, “An ensemble learning and fog-cloud architecture-driven cyber-attack detection framework for IoMT networks,” Comput. Commun., vol. 166, pp. 110–124, 2021, doi: 10.1016/j.comcom.2020.12.003.
A. R. Gad, A. A. Nashat, and T. M. Barkat, “Intrusion Detection System Using Machine Learning for Vehicular Ad Hoc Networks Based on ToN-IoT Dataset,” IEEE Access, vol. 9, no. October, pp. 142206–142217, 2021, doi: 10.1109/ACCESS.2021.3120626.
Y. Zhou, G. Cheng, S. Jiang, and M. Dai, “Building an efficient intrusion detection system based on feature selection and ensemble classifier,” Comput. Networks, vol. 174, p. 107247, 2020, doi: https://doi.org/10.1016/j.comnet.2020.107247.
H. Jiang, Z. He, G. Ye, and H. Zhang, “Network Intrusion Detection Based on PSO-Xgboost Model,” IEEE Access, vol. 8, pp. 58392–58401, 2020, doi: 10.1109/ACCESS.2020.2982418.
X. Ma, J. Sha, D. Wang, Y. Yu, Q. Yang, and X. Niu, “Study on a prediction of P2P network loan default based on the machine learning LightGBM and XGboost algorithms according to different high dimensional data cleaning,” Electron. Commer. Res. Appl., vol. 31, pp. 24–39, 2018, doi: 10.1016/j.elerap.2018.08.002.
T. Chen and C. Guestrin, “XGBoost: A scalable tree boosting system,” Proc. ACM SIGKDD Int. Conf. Knowl. Discov. Data Min., vol. 13-17-Augu, pp. 785–794, 2016, doi: 10.1145/2939672.2939785.
G. Ke et al., “LightGBM: A highly efficient gradient boosting decision tree,” Adv. Neural Inf. Process. Syst., vol. 2017-Decem, no. Nips, pp. 3147–3155, 2017.
G. Pietropolli, L. Manzoni, A. Paoletti, and M. Castelli, “Combining Geometric Semantic GP with Gradient-Descent Optimization,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2022, vol. 13223 LNCS, pp. 19–33, doi: 10.1007/978-3-031-02056-8_2.
H. C. Husada and A. S. Paramita, “Analisis Sentimen Pada Maskapai Penerbangan di Platform Twitter Menggunakan Algoritma Support Vector Machine (SVM),” Teknika, vol. 10, no. 1, pp. 18–26, 2021, doi: 10.34148/teknika.v10i1.311.
A. Agarwal, P. Sharma, M. Alshehri, A. A. Mohamed, and O. Alfarraj, “Classification model for accuracy and intrusion detection using machine learning approach,” PeerJ Comput. Sci., vol. 7, pp. 1–22, 2021, doi: 10.7717/PEERJ-CS.437.
X. Liu et al., “NADS-RA: Network Anomaly Detection Scheme Based on Feature Representation and Data Augmentation,” IEEE Access, vol. 8, pp. 214781–214800, 2020, doi: 10.1109/ACCESS.2020.3040510.
P. Henrique et al., “Impact of Feature Selection Methods on the Classification of DDoS Attacks using XGBoost,” J. Commun. Inf. Syst., vol. 36, no. 1, 2021.
I. Benmessahel, K. Xie, and M. Chellal, “A new evolutionary neural networks based on intrusion detection systems using multiverse optimization,” Appl. Intell., vol. 48, no. 8, pp. 2315–2327, 2018, doi: 10.1007/s10489-017-1085-y.
Additional Files
Published
Issue
Section
License
Copyright (c) 2024 International Journal of Electronics and Telecommunications

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
1. License
The non-commercial use of the article will be governed by the Creative Commons Attribution license as currently displayed on https://creativecommons.org/licenses/by/4.0/.
2. Author’s Warranties
The author warrants that the article is original, written by stated author/s, has not been published before, contains no unlawful statements, does not infringe the rights of others, is subject to copyright that is vested exclusively in the author and free of any third party rights, and that any necessary written permissions to quote from other sources have been obtained by the author/s. The undersigned also warrants that the manuscript (or its essential substance) has not been published other than as an abstract or doctorate thesis and has not been submitted for consideration elsewhere, for print, electronic or digital publication.
3. User Rights
Under the Creative Commons Attribution license, the author(s) and users are free to share (copy, distribute and transmit the contribution) under the following conditions: 1. they must attribute the contribution in the manner specified by the author or licensor, 2. they may alter, transform, or build upon this work, 3. they may use this contribution for commercial purposes.
4. Rights of Authors
Authors retain the following rights:
- copyright, and other proprietary rights relating to the article, such as patent rights,
- the right to use the substance of the article in own future works, including lectures and books,
- the right to reproduce the article for own purposes, provided the copies are not offered for sale,
- the right to self-archive the article
- the right to supervision over the integrity of the content of the work and its fair use.
5. Co-Authorship
If the article was prepared jointly with other authors, the signatory of this form warrants that he/she has been authorized by all co-authors to sign this agreement on their behalf, and agrees to inform his/her co-authors of the terms of this agreement.
6. Termination
This agreement can be terminated by the author or the Journal Owner upon two months’ notice where the other party has materially breached this agreement and failed to remedy such breach within a month of being given the terminating party’s notice requesting such breach to be remedied. No breach or violation of this agreement will cause this agreement or any license granted in it to terminate automatically or affect the definition of the Journal Owner. The author and the Journal Owner may agree to terminate this agreement at any time. This agreement or any license granted in it cannot be terminated otherwise than in accordance with this section 6. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.
7. Royalties
This agreement entitles the author to no royalties or other fees. To such extent as legally permissible, the author waives his or her right to collect royalties relative to the article in respect of any use of the article by the Journal Owner or its sublicensee.
8. Miscellaneous
The Journal Owner will publish the article (or have it published) in the Journal if the article’s editorial process is successfully completed and the Journal Owner or its sublicensee has become obligated to have the article published. Where such obligation depends on the payment of a fee, it shall not be deemed to exist until such time as that fee is paid. The Journal Owner may conform the article to a style of punctuation, spelling, capitalization and usage that it deems appropriate. The Journal Owner will be allowed to sublicense the rights that are licensed to it under this agreement. This agreement will be governed by the laws of Poland.
By signing this License, Author(s) warrant(s) that they have the full power to enter into this agreement. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.