A Scalable Hybrid RF-BiLSTM Framework for Reliable IoT Traffic Threat Detection via Feature Selection and Temporal Pattern Recognition
DOI:
https://doi.org/10.4108/eetiot.10283Keywords:
Internet of Things (IoT), Cyber Security, Random Forest (RF), Machine Learning, Sequential Learning, Feature Selection, Malicious Traffic Detection, IoT security Framework, BiLSTMAbstract
In this research, we addressed the recurring challenges of securing IoT networks against emerging cyber security threats. Taking advantage of the complementary strengths of Random Forest (RF) for feature selection and Bidirectional Long Short-Term Memory (BiLSTM) networks for sequential learning; we developed a novel Hybrid RF-BiLSTM model that combines feature level insights with temporal pattern recognition to provide a reliable solution for IoT traffic threats. We conducted extensive experiments with Aposemat IoT-23 dataset, where we used equal volumes of benign and malicious traffic samples leading to balanced evaluation. Furthermore, the Hybrid RF-BiLSTM model achieved a performance of 99.87%, while the Random Forest and BiLSTM performance were 99.37% and 93.32%, respectively, demonstrating the power of the hybrid approach over individual ones. The analysis gave more details about the model's performance, showing the confusion matrix and calculating the performance metrics that substantiates the model's reliability to minimize false positive and false negatives while also achieving high precision and recall. It shows that how well the integration of feature selection and sequential learning works for IoT cyber security. This Hybrid RF-BiLSTM approach lays a scalable and practical framework for real-world IoT security problems and a stepping stone for future studies in hybrid ML models for anomaly detection and threat analysis.
Downloads
References
[1] Atlam HF, Wills GB. IoT security, privacy, safety and ethics. In: Digital Twin Technologies and Smart Cities 2020; 2020. p. 123–149.
[2] Alladi T, Chamola V, Sikdar B, Choo KKR. Consumer IoT: Security vulnerability case studies and solutions. IEEE Consum. Electron. Mag. 2020; 9(2):17–25.
[3] Lu Y, Da Xu L. Internet of Things (IoT) cybersecurity research: A review of current research topics. IEEE Internet Things J. 2019; 6(2):2103–2115.
[4] Khader R, Eleyan D. Survey of DoS/DDoS attacks in IoT. Sustainable Engineering and Innovation. 2021; 3(1):23–28.
[5] Sharmeen S, Huda S, Abawajy JH, Ismail WN, Hassan MM. Malware threats and detection for industrial mobile-IoT networks. IEEE Access. 2018; 6:15941–15957.
[6] Sharma V, Kim J, Kwon S, You I, Lee K, Yim K. A framework for mitigating zero-day attacks in IoT. arXiv preprint arXiv:1804.05549; 2018.
[7] Ali I, Ahmed AIA, Almogren A, Raza MA, Shah SA, Khan A, Gani A. Systematic literature review on IoT-based botnet attack. IEEE Access. 2020; 8:212220–212232.
[8] Litoussi M, Kannouf N, El Makkaoui K, Ezzati A, Fartitchou M. IoT security: Challenges and countermeasures. Procedia Comput. Sci. 2020; 177:503–508.
[9] Amanullah MA, Habeeb RAA, Nasaruddin FH, Gani A, Ahmed E, Nainar ASM, et al. Deep learning and big data technologies for IoT security. Comput. Commun. 2020; 151:495–517.
[10] Boukerche A, Coutinho RW. Design guidelines for machine learning-based cybersecurity in Internet of Things. IEEE Netw. 2021; 35(1):393–399.
[11] Strecker S, Van Haaften W, Dave R. An analysis of IoT cybersecurity driven by machine learning. In: Proc. Int. Conf. Communication and Computational Technologies; 2021. p. 725–753.
[12] Alrashdi I, Alqazzaz A, Aloufi E, Alharthi R, Zohdy M, Ming H. AD-IoT: Anomaly detection of IoT cyberattacks in smart city using machine learning. In: 2019 IEEE Computing and Communication Workshop and Conference (CCWC); 2019. p. 0305–0310.
[13] Kotenko I, Izrailov K, Buinevich M. Static analysis of information systems for IoT cybersecurity: A survey of machine learning approaches. Sensors. 2022; 22(4):1335.
[14] Tyagi H, Kumar R. Attack and anomaly detection in IoT networks using supervised machine learning approaches. Rev. Intell. Artif. 2021; 35(1):11–21.
[15] Dalal KR. Analysing the role of supervised and unsupervised machine learning in IoT. In: 2020 Int. Conf. Electronics and Sustainable Communication Systems (ICESC); 2020. p. 75–79.
[16] Rezaei A. Using ensemble learning technique for detecting botnet on IoT. SN Comput. Sci. 2021; 2(3):1–14.
[17] Aurangzeb S, Anwar H, Naeem MA, Aleem M. BigRC-EML: Big-data based ransomware classification using ensemble machine learning. Cluster Comput. 2022; 1–18.
[18] Hsu HT, Jong GJ, Chen JH, Jhe CG. Improve IoT security system of smart-home using SVM. In: 2019 IEEE Int. Conf. Computer and Communication Systems (ICCCS); 2019. p. 674–677.
[19] Guo C, Zhuang R, Su C, Liu CZ, Choo KKR. Secure and efficient k-NN query over encrypted uncertain data in cloud-IoT ecosystem. IEEE Internet Things J. 2019; 6(6):9868–9879.
[20] Hanif S, Ilyas T, Zeeshan M. Intrusion detection in IoT using artificial neural networks on UNSW-15 dataset. In: 2019 IEEE Int. Conf. Smart Cities (HONET-ICT); 2019. p. 152–156.
[21] Ahmad Z, Shahid Khan A, Nisar K, Haider I, Hassan R, Haque MR, Rodrigues JJ. Anomaly detection using deep neural network for IoT architecture. Appl. Sci. 2021; 11(15):7050.
[22] Kaur P, Kumar R, Kumar M. A healthcare monitoring system using random forest and IoT. Multimed. Tools Appl. 2019; 78(14):19905–19916.
[23] Fatayer TS, Azara MN. IoT secure communication using ANN classification algorithms. In: 2019 Int. Conf. Promising Electronic Technologies (ICPET); 2019. p. 142–146.
[24] Saharkhizan M, Azmoodeh A, Dehghantanha A, Choo KKR, Parizi RM. An ensemble of deep RNNs for detecting IoT cyber attacks using network traffic. IEEE Internet Things J. 2020; 7(9):8852–8859.
[25] Hikal NA, Elgayar MM. Enhancing IoT botnet attack detection using ML-IDS and ensemble preprocessing. In: Internet of Things—Applications and Future; 2020. p. 89–102.
[26] Tomer V, Sharma S. Detecting IoT attacks using an ensemble machine learning model. Future Internet. 2022; 14(4):102.
[27] Jayalaxmi PLS, Saha R, Kumar G, Kim TH. Machine and deep learning amalgamation for feature extraction in IIoT. Comput. Electr. Eng. 2022; 97:107610.
[28] Thakkar A, Lohiya R. A review on ML and DL perspectives for IDS in IoT. Arch. Comput. Methods Eng. 2021; 28(4):3211–3243.
[29] Hazer-Rau D, Arends R, Zhang L, Traue HC. Feature selection using evolutionary algorithms for affective computing. Eng. Proc. 2021; 10(1):42.
[30] Strecker S, Dave R, Siddiqui N, Seliya N. A modern analysis of aging ML-based IoT cybersecurity methods. arXiv preprint arXiv:2110.07832; 2021.
[31] Usoh M, Asuquo P, Ozuomba S, et al. A hybrid ML model for detecting cybersecurity threats in IoT applications. Int. J. Inf. Technol. 2023; 15:3359–3370.
[32] Sajid M, Malik KR, Almogren A, et al. Enhancing intrusion detection: A hybrid machine and deep learning approach. J. Cloud Comput. 2024; 13:123.
[33] Yaras S, Dener M. IoT-based intrusion detection using a new hybrid deep learning algorithm. Electronics. 2024; 13(6):1053.
[34] Behiry MH, Aly M. Cyberattack detection in WSN using hybrid feature reduction with AI and ML. J. Big Data. 2024; 11:16.
[35] García S, Parmisano A, Gómez MI. IoT-23: A labeled dataset for malicious and benign IoT network traffic. Stratosphere Laboratory, CTU Prague; 2020.
[36] Akuthota UC, Bhargava L. Transformer-based intrusion detection for IoT networks. IEEE Internet Things J. 2025; 12(5):6062–6067.
[37] Vyas A, Lin PC, Hwang RH, Tripathi M. Privacy-preserving federated learning for intrusion detection in IoT. IEEE Access. 2024; 12:127018–127050.
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Nadia Ansar, Suraiya Parveen, Ihtiram Raza Khan, Bhavya Alankar
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
This is an open-access article distributed under the terms of the Creative Commons Attribution CC BY 4.0 license, which permits unlimited use, distribution, and reproduction in any medium so long as the original work is properly cited.
