A Methodological Framework to Hybrid Machine Learning for Detecting Unusual Cyberattacks in Internet of Things

Abstract

Background: The Internet of Things (IoT) represents one of the fastest-expanding developments in the computer industry. However, the inherently hostile environment of the internet makes IoT systems vulnerable. A popular and promising method for detecting cyberattacks is machine learning (ML), which produces excellent outcomes for identified attacks. However, their ability to identify unidentified malicious traffic is nearly nonexistent.

Need for the Study: The need for study arises from the advanced security solutions of IoT, which are vulnerable to various known and unknown cyberattacks. Traditional ML methods are used to effectively detect new threats. It is followed by a hybrid methodological framework to combine supervised and semisupervised learning. It is an advanced approach to enhance detection accuracy and adaptability in dynamic IoT environments.

Methods: The study suggests an innovative strategy that combines supervised and unsupervised techniques. Initially employing several flow-based parameters, the improved density-based spatial clustering of applications with noise (IDBSCAN) clustering technique distinguishes between anomalous and regular traffic. Next, utilizing specific statistical metrics, a hybrid multiple kernel extreme learning machine with modified teaching–learning-based optimization (HMKELM-MTLBO) classification process is applied to label the clusters.

Findings of the Study: The findings of accuracy result as 98.95%, precision as 97.65%, recall as 98.56%, and F1 score value as 98.23%.

Results: The approach’s effectiveness was evaluated using the ToN_IoT dataset, and a 99%+ accuracy rate was attained in identifying cyberattacks across IoT technology.

Conclusion: The study validates the suggested strategy by testing a distinct set of attacks and training on the ToN_IoT dataset utilizing an extensive data processing system.