Catalogue Search | MBRL
466 result(s) for "machine learning IDS"
BoostedEnML: Efficient Technique for Detecting Cyberattacks in IoT Systems Using Boosted Ensemble Machine Learning
by Zegarra Rodríguez, Demóstenes; Rosa, Renata; Saadi, Muhammad
in Accuracy, Algorithms, Analysis
2022
Following the recent advances in wireless communication leading to increased Internet of Things (IoT) systems, many security threats are currently ravaging IoT systems, causing harm to information. Considering the vast application areas of IoT systems, ensuring that cyberattacks are holistically detected to avoid harm is paramount. Machine learning (ML) algorithms have demonstrated high capacity in helping to mitigate attacks on IoT devices and other edge systems with reasonable accuracy. However, the dynamics of operation of intruders in IoT networks require more improved IDS models capable of detecting multiple attacks with a higher detection rate and lower computational resource requirement, which is one of the challenges of IoT systems. Many ensemble methods have been used with different ML classifiers, including decision trees and random forests, to propose IDS models for IoT environments. The boosting method is one of the approaches used to design an ensemble classifier. This paper proposes an efficient method for detecting cyberattacks and network intrusions based on boosted ML classifiers. Our proposed model is named BoostedEnML. First, we train six different ML classifiers (DT, RF, ET, LGBM, AD, and XGB) and obtain an ensemble using the stacking method and another with a majority voting approach. Two different datasets containing high-profile attacks, including distributed denial of service (DDoS), denial of service (DoS), botnets, infiltration, web attacks, heartbleed, portscan, and botnets, were used to train, evaluate, and test the IDS model. To ensure that we obtained a holistic and efficient model, we performed data balancing with synthetic minority oversampling technique (SMOTE) and adaptive synthetic (ADASYN) techniques; after that, we used stratified K-fold to split the data into training, validation, and testing sets. 
Based on the best two models, we construct our proposed BoostedEnsML model using LightGBM and XGBoost, as the combination of the two classifiers gives a lightweight yet efficient model, which is part of the target of this research. Experimental results show that BoostedEnsML outperformed existing ensemble models in terms of accuracy, precision, recall, F-score, and area under the curve (AUC), reaching 100% in each case on the selected datasets for multiclass classification.
Journal Article
A Survey on Network Intrusion System Attacks Classification Using Machine Learning Techniques
2021
Wireless Local Area Network (WLAN) security management is now being confronted by rapid expansion in wireless network errors, flaws and assaults. In recent times, as computers are used extensively through network and application creation on numerous platforms, attention is provided to network security. This definition includes security vulnerabilities in both complicated and costly operating programs. Intrusion is also seen as a method of breaching security, completeness and availability. Intrusion Detection System (IDS) is an essential method for the identification of network security vulnerabilities and abnormalities. A variety of significant work has been carried out on intrusion detection technologies often seen as premature not as a complete method for countering intrusion. It has also become a most challenging and priority task for security experts and network administrators. Hence, it cannot be replaced by more secure systems. Data mining used for IDS can effectively identify intrusion and the identified intrusion values are used to predict further intrusion in future. This paper presents a detailed review of literature about how data mining techniques were utilized for intrusion detection. First, intrusion detection on various benchmark and real-time datasets by data mining techniques are studied in detail. Then, comparative study is conducted with their merits and demerits for identifying the challenges in those techniques and then this paper is concluded with suggestions of solutions for enhancing the efficiency of intrusion detection in the network.
Journal Article
AI-Enhanced Intrusion Detection for UAV Systems: A Taxonomy and Comparative Review
by Mahmoud, Ashraf Sharif; Sheltami, Tarek Rahil; Islam, MD Sakibul
in Artificial intelligence, Artificial neural networks, Control systems
2025
The diverse usage of Unmanned Aerial Vehicles (UAVs) across commercial, military, and civil domains has significantly heightened the need for robust cybersecurity mechanisms. Given their reliance on wireless communications, real-time control systems, and sensor integration, UAVs are highly susceptible to cyber intrusions that can disrupt missions, compromise data integrity, or cause physical harm. This paper presents a comprehensive literature review of Intrusion Detection Systems (IDSs) that leverage artificial intelligence (AI) to enhance the security of UAV and UAV swarm environments. Through rigorous analysis of recent peer-reviewed publications, we have examined the studies in terms of AI model algorithm, dataset origin, deployment mode: centralized, distributed or federated. The classification also includes the detection strategy: online versus offline. Results show a dominant preference for centralized, supervised learning using standard datasets such as CICIDS2017, NSL-KDD, and KDDCup99, limiting applicability to real UAV operations. Deep learning (DL) methods, particularly Convolutional Neural Networks (CNNs), Long Short-term Memory (LSTM), and Autoencoders (AEs), demonstrate strong detection accuracy, but often under ideal conditions, lacking resilience to zero-day attacks and real-time constraints. Notably, emerging trends point to lightweight IDS models and federated learning frameworks for scalable, privacy-preserving solutions in UAV swarms. This review underscores key research gaps, including the scarcity of real UAV datasets, the absence of standardized benchmarks, and minimal exploration of lightweight detection schemes, offering a foundation for advancing secure UAV systems.
Journal Article
A Study on High-Speed Outlier Detection Method of Network Abnormal Behavior Data Using Heterogeneous Multiple Classifiers
2022
As the complexity and scale of the network environment increase continuously, various methods to detect attacks and intrusions from network traffic by classifying normal and abnormal network behaviors show their limitations. The number of network traffic signatures is increasing exponentially to the extent that semi-realtime detection is not possible. However, machine learning-based intrusion detection only gives simple guidelines as simple contents of security events. This is why security data for a specific environment cannot be configured due to data noise, diversification, and continuous alteration of a system and network environments. Although machine learning is performed and evaluated using a generalized data set, its performance is expected to be similar in that specific network environment only. In this study, we propose a high-speed outlier detection method for a network dataset to customize the dataset in real-time for a continuously changing network environment. The proposed method uses an ensemble-based noise data filtering model using the voting results of 6 classifiers (decision tree, random forest, support vector machine, naive Bayes, k-nearest neighbors, and logistic regression) to reflect the distribution and various environmental characteristics of datasets. Moreover, to prove the performance of the proposed method, we experimented with the accuracy of attack detection by gradually reducing the noise data in the time series dataset. As a result of the experiment, the proposed method maintains a training dataset of a size capable of semi-real-time learning, which is 10% of the total training dataset, and at the same time, shows the same level of accuracy as a detection model using a large training dataset. The improved research results would be the basis for automatic tuning of network datasets and machine learning that can be applied to special-purpose environments and devices such as ICS environments.
Journal Article
Comparative Analysis of Stack-Ensemble-Based Intrusion Detection System for Single-Layer and Cross-layer DoS Attack Detection in IoT
2023
Detection of Denial-of-Service (DoS) Attack in IoT is challenging as these attacks happen at multiple layers of IoT architecture. Machine learning (ML)-based Intrusion Detection Systems (IDSs) are more efficient approaches in detecting such attacks by identifying anomalies than traditional ones. However, using a single ML algorithm in such IDS is not sufficiently able to detect DoS attacks as it may end up with over-fitting and under-fitting. In this paper, we propose an anomaly-based IDS (AIDS) using an ensemble learning technique to detect both single and cross-layer DoS attacks in IoT. The proposed model is designed by ensembling multiple ML models, which are K-nearest neighbor (KNN), Support Vector Machine (SVM), Decision Tree (DT), and Logistic Regression (LR). The novelty of the proposed AIDS is that it efficiently detects both single-layer and cross-layer DoS attacks in IoT. A comparative analysis shows a maximum detection accuracy of 96.5% for single-layer attacks and 94.98% for cross-layer attacks using a simulation environment.
Journal Article
A Consolidated Decision Tree-Based Intrusion Detection System for Binary and Multiclass Imbalanced Datasets
by Kumar, Yogesh; Pramanik, Moumita; Jhaveri, Rutvij H.
in Accuracy, Algorithms, Artificial intelligence
2021
The widespread acceptance and increase of the Internet and mobile technologies have revolutionized our existence. On the other hand, the world is witnessing and suffering due to technologically aided crime methods. These threats, including but not limited to hacking and intrusions, are the main concern for security experts. Nevertheless, the challenges facing effective intrusion detection methods continue closely associated with the researcher’s interests. This paper’s main contribution is to present a host-based intrusion detection system using a C4.5-based detector on top of the popular Consolidated Tree Construction (CTC) algorithm, which works efficiently in the presence of class-imbalanced data. An improved version of the random sampling mechanism called Supervised Relative Random Sampling (SRRS) has been proposed to generate a balanced sample from a high-class imbalanced dataset at the detector’s pre-processing stage. Moreover, an improved multi-class feature selection mechanism has been designed and developed as a filter component to generate the IDS datasets’ ideal outstanding features for efficient intrusion detection. The proposed IDS has been validated with state-of-the-art intrusion detection systems. The results show an accuracy of 99.96% and 99.95%, considering the NSL-KDD dataset and the CICIDS2017 dataset using 34 features.
Journal Article
RDTIDS: Rules and Decision Tree-Based Intrusion Detection System for Internet-of-Things Networks
by Derdour, Makhlouf; Janicke, Helge; Ferrag, Mohamed Amine
in Access control, Accuracy, Algorithms
2020
This paper proposes a novel intrusion detection system (IDS), named RDTIDS, for Internet-of-Things (IoT) networks. The RDTIDS combines different classifier approaches which are based on decision tree and rules-based concepts, namely, REP Tree, JRip algorithm and Forest PA. Specifically, the first and second method take as inputs features of the data set, and classify the network traffic as Attack/Benign. The third classifier uses features of the initial data set in addition to the outputs of the first and the second classifier as inputs. The experimental results obtained by analyzing the proposed IDS using the CICIDS2017 dataset and BoT-IoT dataset, attest their superiority in terms of accuracy, detection rate, false alarm rate and time overhead as compared to state of the art existing schemes.
Journal Article
IoT Intrusion Detection Taxonomy, Reference Architecture, and Analyses
by Smadi, Abdallah A.; Albulayhi, Khalid; Sheldon, Frederick T.
in Access control, anomaly-based IDS, chemistry
2021
This paper surveys the deep learning (DL) approaches for intrusion-detection systems (IDSs) in Internet of Things (IoT) and the associated datasets toward identifying gaps, weaknesses, and a neutral reference architecture. A comparative study of IDSs is provided, with a review of anomaly-based IDSs on DL approaches, which include supervised, unsupervised, and hybrid methods. All techniques in these three categories have essentially been used in IoT environments. To date, only a few have been used in the anomaly-based IDS for IoT. For each of these anomaly-based IDSs, the implementation of the four categories of feature(s) extraction, classification, prediction, and regression were evaluated. We studied important performance metrics and benchmark detection rates, including the requisite efficiency of the various methods. Four machine learning algorithms were evaluated for classification purposes: Logistic Regression (LR), Support Vector Machine (SVM), Decision Tree (DT), and an Artificial Neural Network (ANN). Therefore, we compared each via the Receiver Operating Characteristic (ROC) curve. The study model exhibits promising outcomes for all classes of attacks. The scope of our analysis examines attacks targeting the IoT ecosystem using empirically based, simulation-generated datasets (namely the Bot-IoT and the IoTID20 datasets).
Journal Article
An efficient XGBoost–DNN-based classification model for network intrusion detection system
by Khare, Neelu; Devan, Preethi
in Algorithms, Artificial Intelligence, Artificial neural networks
2020
There is a steep rise in the trend of the utility of Internet technology day by day. This tremendous increase ushers in a massive amount of data generated and handled. For apparent reasons, undivided attention is due for ensuring network security. An intrusion detection system plays a vital role in the field of the stated security. The proposed XGBoost–DNN model utilizes XGBoost technique for feature selection followed by deep neural network (DNN) for classification of network intrusion. The XGBoost–DNN model has three steps: normalization, feature selection, and classification. Adam optimizer is used for learning rate optimization during DNN training, and softmax classifier is applied for classification of network intrusions. The experiments were duly conducted on the benchmark NSL-KDD dataset and implemented using TensorFlow and Python. The proposed model is validated using cross-validation and compared with existing shallow machine learning algorithms like logistic regression, SVM, and naive Bayes. The classification evaluation metrics such as accuracy, precision, recall, and F1-score are calculated and compared with the existing shallow methods. The proposed method outperformed the existing shallow methods used for the dataset.
Journal Article
A Hybrid Intrusion Detection Model Using EGA-PSO and Improved Random Forest Method
2022
Due to the rapid growth in IT technology, digital data have increased availability, creating novel security threats that need immediate attention. An intrusion detection system (IDS) is the most promising solution for preventing malicious intrusions and tracing suspicious network behavioral patterns. Machine learning (ML) methods are widely used in IDS. Due to a limited training dataset, an ML-based IDS generates a higher false detection ratio and encounters data imbalance issues. To deal with the data-imbalance issue, this research develops an efficient hybrid network-based IDS model (HNIDS), which is utilized using the enhanced genetic algorithm and particle swarm optimization (EGA-PSO) and improved random forest (IRF) methods. In the initial phase, the proposed HNIDS utilizes hybrid EGA-PSO methods to enhance the minor data samples and thus produce a balanced data set to learn the sample attributes of small samples more accurately. In the proposed HNIDS, a PSO method improves the vector. GA is enhanced by adding a multi-objective function, which selects the best features and achieves improved fitness outcomes to explore the essential features and helps minimize dimensions, enhance the true positive rate (TPR), and lower the false positive rate (FPR). In the next phase, an IRF eliminates the less significant attributes, incorporates a list of decision trees across each iterative process, supervises the classifier’s performance, and prevents overfitting issues. The performance of the proposed method and existing ML methods are tested using the benchmark datasets NSL-KDD. The experimental findings demonstrated that the proposed HNIDS method achieves an accuracy of 98.979% on BCC and 88.149% on MCC for the NSL-KDD dataset, which is far better than the other ML methods i.e., SVM, RF, LR, NB, LDA, and CART.
Journal Article