An ensemble learning framework for enhanced anomaly and failure detection in IoT systems

Abstract

The rapid proliferation of Internet of Things (IoT) devices has revolutionized modern connectivity but also introduced significant cybersecurity challenges due to heterogeneous architectures, resource limitations, and expanding attack surfaces. In this study, we propose a flexible ensemble-based anomaly detection framework tailored for IoT environments. By integrating diverse machine learning models including decision trees, support vector machines, and neural networks through techniques such as bagging, boosting, blending, and stacking, our approach aims to enhance detection accuracy and robustness against evolving threats. We evaluate the framework on two benchmark datasets: one from a smart manufacturing setting using MEMS sensors, and the other from the N-BaIoT dataset, which targets botnet detection in IoT networks. Evaluation results demonstrate that ensemble methods consistently outperform individual classifiers across key metrics, including accuracy, precision, recall, and F1-score. For the MEMS dataset, advanced ensemble methods deliver an absolute increase of approximately 2.0 % in anomaly detection accuracy over the top-performing single AI method. For the N-BaIoT dataset, the average accuracy of all ensemble approaches is 95.53 % while that for single AI models is 73.82 %. Additionally, we assess runtime performance to gauge their suitability for real-time applications. We also show the confusion matrices and ROC curves of different models used in our framework. To promote reproducibility, we have released our codebase, trained models, and processed datasets. This work offers practical insights into building secure and reliable IoT systems and highlights the potential of ensemble learning in this context.