SURVEY ARTICLE
An Extensive Review of Machine Learning and Deep Learning Techniques on Network Intrusion Detection for IoT
Supongmen Walling,
Sibesh Lodh,
Corresponding Author
Supongmen Walling
National Institute of Technology Nagaland, Dimapur, India
Correspondence: Supongmen Walling ([email protected])
Search for more papers by this authorSibesh Lodh
National Institute of Technology Nagaland, Dimapur, India
Search for more papers by this authorSupongmen Walling,
Sibesh Lodh,
Corresponding Author
Supongmen Walling
National Institute of Technology Nagaland, Dimapur, India
Correspondence: Supongmen Walling ([email protected])
Search for more papers by this authorSibesh Lodh
National Institute of Technology Nagaland, Dimapur, India
Search for more papers by this authorFirst published: 05 February 2025
ABSTRACT
The Internet of Things (IoT) has transformed technology interactions by connecting devices and facilitating information exchange. However, IoT's interconnectivity presents significant security challenges, including network security, device vulnerabilities, data confidentiality, and authentication. Many IoT devices lack strong security measures, making them susceptible to misuse. Additionally, privacy concerns arise due to sensitive data storage. Solutions such as secure authentication, encryption, and encrypted communication are vital. Intrusion detection systems (IDS) play a crucial role in proactively protecting networks, yet they encounter significant challenges in identifying new intrusions and minimizing false alarms. To tackle these issues, researchers have developed IDS systems that leverage machine learning (ML) and deep learning (DL) techniques. This survey article not only provides an in-depth analysis of current IoT IDS but also summarizes the techniques, deployment strategies, validation methods, and datasets commonly used in the development of these systems. A thorough analysis of modern Network Intrusion Detection System (NIDS) publications is also included, which evaluates, examines, and contrasts NIDS approaches in the context of the IoT with regard to its architecture, detection methods, and validation strategies, dangers that have been addressed, and deployed algorithms setting it apart from earlier surveys that predominantly concentrate on traditional systems. We concentrate on IoT NIDS implemented by ML and DL in this survey given that learning algorithms have an excellent track record for success in security and privacy. The study, in our opinion, will be beneficial for academic and industrial research in identifying IoT dangers and problems, in implementing their own NIDS and in proposing novel innovative techniques in an IoT context while taking IoT limits into consideration.
Conflicts of Interest
The authors declare no conflicts of interest.
Open Research
Data Availability Statement
Data sharing is not applicable to this article as no new data were created or analyzed in this study.
References
- 1A. A. Smadi, B. T. Ajao, B. K. Johnson, H. Lei, Y. Chakhchoukh, and Q. A. Al-Haija, “A Comprehensive Survey on Cyber-Physical Smart Grid Testbed Architectures: Requirements and Challenges,” Electronics (Basel) 10 (2021): 1043.
- 2K. Albulayhi, A. A. Smadi, F. T. Sheldon, and R. K. Abercrombie, “IoT Intrusion Detection Taxonomy, Reference Architecture, and Analyses,” Sensors 21 (2021): 6432.
- 3N. Chaabouni, M. Mosbah, A. Zemmari, C. Sauvignac, and P. Faruki, “Network Intrusion Detection for IoT Security based on Learning Techniques,” IEEE Communications Surveys & Tutorials 21, no. 3 (2019): 2671–2701.
- 4J. P. Anderson, Computer Security Threat Monitoring and Surveillance (Fort Washington, PA: James P Anderson Co, 1980).
- 5R. Prasad and V. Rohokale, “ Artificial Intelligence and Machine Learning in Cyber Security,” in Cyber Security: The Lifeline of Information and Communication Technology (New York, NY: Springer, 2020), 231–247.
10.1007/978-3-030-31703-4_16 Google Scholar
- 6M. S. Hoque, M. Mukit, M. Bikas, and A. Naser, “An Implementation of Intrusion Detection System Using Genetic Algorithm,” (2012), arXiv preprint arXiv:1204.1336.
- 7M. M. Najafabadi, F. Villanustre, T. M. Khoshgoftaar, N. Seliya, R. Wald, and E. Muharemagic, “Deep Learning Applications and Challenges in Big Data Analytics,” Journal of Big Data 2, no. 1 (2015): 1, https://doi.org/10.1186/s40537-014-0007-7.
10.1186/s40537-014-0007-7 Google Scholar
- 8A. Jamalipour and S. Murali, “A Taxonomy of Machine-Learning-Based Intrusion Detection Systems for the Internet of Things: A Survey,” IEEE Internet of Things Journal 9, no. 12 (2022): 9444–9466, https://doi.org/10.1109/JIOT.2021.3126811.
- 9A. Khraisat, I. Gondal, P. Vamplew, and J. Kamruzzaman, “Survey of Intrusion Detection Systems: Techniques, Datasets and Challenges,” Cybersecurity 2, no. 1 (2019): 20.
10.1186/s42400-019-0038-7 Google Scholar
- 10S. Kumar, S. Gupta, and S. Arora, “Research Trends in Network-Based Intrusion Detection Systems: A Review,” IEEE Access 9 (2021): 157761–157779, https://doi.org/10.1109/ACCESS.2021.3129775.
- 11B. B. Zarpelao, R. S. Miani, C. T. Kawakani, and S. C. de Alvarenga, “A Survey of Intrusion Detection in Internet of Things,” Journal of Network and Computer Applications 84 (2017): 25–37.
- 12E. Gyamfi and A. Jurcut, “Intrusion Detection in Internet of Things Systems: A Review on Design Approaches Leveraging Multi-Access Edge Computing, Machine Learning, and Datasets,” Sensors 22 (2022): 3744, https://doi.org/10.3390/s22103744.
- 13S. Walling and S. Lodh, “ A Comprehensive Review on Security Attacks and Countermeasures in IoT Environment,” in Information and Communication Technology for Competitive Strategies (ICTCS 2022). ICTCS 2022. Lecture Notes in Networks and Systems, vol. 623, eds. A. Joshi, M. Mahmud, and R. G. Ragel (Singapore: Springer, 2023), https://doi.org/10.1007/978-981-19-9638-2_53.
10.1007/978-981-19-9638-2_53 Google Scholar
- 14A. Mosenia and N. K. Jha, “A Comprenhensive Study of Security of Internet-of-Things,” IEEE Transactions on Emerging Topics in Computing 5 (2017): 586–602.
- 15N. Neshenko, E. Bou-Harb, J. Crichigno, G. Kaddoum, and N. Ghani, “Demystifying IoT Security: An Exhaustive Survey on IoT Vulnerabilities and a First Empirical Look on Internet-Scale IoT Exploitations,” IEEE Communications Surveys & Tutorials 21, no. 3 (2019): 2702–2733.
- 16S. Singh and H. S. Saini, “Learning-Based Security Technique for Selective Forwarding Attack in Clustered WSN,” Wireless Personal Communications 118 (2021): 789–814, https://doi.org/10.1007/s11277-020-08044-0.
- 17S. Ahmad Salehi, M. A. Razzaque, P. Naraei, and A. Farrokhtala, “ Detection of Sinkhole Attack in Wireless Sensor Networks,” in 2013 IEEE International Conference on Space Science and Communication (IconSpace) (Melaka, Malaysia: IEEE, 2013), 361–365, https://doi.org/10.1109/IconSpace.2013.6599496.
10.1109/IconSpace.2013.6599496 Google Scholar
- 18P. Garcia-Teodoro, J. Diaz-Verdejo, G. Maciá-Fernández, and E. Vázquez, “Anomaly-Based Network Intrusion Detection: Techniques Systems and Challenges,” Computers & Security 28, no. 1–2 (2009): 18–28.
- 19P. Kabiri and A. A. Ghorbani, “Research on Intrusion Detection and Response: A Survey,” International Journal of Network Security 1, no. 2 (2005): 84–102, https://doi.org/10.6633/IJNS.200509.1(2).05.
10.6633/IJNS.200509.1(2).05 Google Scholar
- 20V. Kumar, A. K. Das, and D. Sinha, “UIDS: A Unified Intrusion Detection System for IoT Environment,” Evolutionary Intelligence 14 (2021): 47–59, https://doi.org/10.1007/s12065-019-00291-w.
- 21W. Li, S. Tug, W. Meng, and W. Yu, “Designing Collaborative Blockchained Signature-Based Intrusion Detection in IoT Environments,” Future Generation Computer Systems 96 (2019): 481–489, https://doi.org/10.1016/j.future.2019.02.064.
- 22W. Yu, W. Meng, W. Li, J. Li, W.-X. Liu, and Y. Xiang, “A Fog-Based Privacy-Preserving Approach for Distributed Signature-Based Intrusion Detection,” Journal of Parallel and Distributed Computing 122 (2018): 26–35, https://doi.org/10.1016/j.jpdc.2018.07.013.
10.1016/j.jpdc.2018.07.013 Google Scholar
- 23S. Krishnaveni, P. Vigneshwar, S. Kishore, B. Jothi, and S. Sivamohan, “ Anomaly-Based Intrusion Detection System Using Support Vector Machine,” in Artificial Intelligence and Evolutionary Computations in Engineering Systems. Advances in Intelligent Systems and Computing, vol. 1056, eds. S. Dash, C. Lakshmi, S. Das, and B. Panigrahi (Singapore: Springer, 2020), https://doi.org/10.1007/978-981-15-0199-9_62.
- 24P. Kumar, G. P. Gupta, and R. Tripathi, “Design of Anomaly-Based Intrusion Detection System Using Fog Computing for IoT Network,” Automation and Computer-Aided Design in Manufacturing 55 (2021): 137–147, https://doi.org/10.3103/S0146411621020085.
10.3103/S0146411621020085 Google Scholar
- 25P. K. Keserwani, M. C. Govil, E. S. Pilli, and P. Govil, “A Smart Anomaly-Based Intrusion Detection System for the Internet of Things (IoT) Network Using GWO–PSO–RF Model,” Journal on Reliable Intelligent Environments 7 (2021): 3–21, https://doi.org/10.1007/s40860-020-00126-x.
10.1007/s40860-020-00126-x Google Scholar
- 26A. Khraisat, I. Gondal, P. Vamplew, J. Kamruzzaman, and A. Alazab, “Hybrid Intrusion Detection System Based on the Stacking Ensemble of C5 Decision Tree Classifier and One Class Support Vector Machine,” Electronics 9 (2020): 173.
- 27A. Singh, K. Chatterjee, and S. C. Satapathy, “An Edge Based Hybrid Intrusion Detection Framework for Mobile Edge Computing,” Complex & Intelligent Systems 8 (2022): 3719–3746.
- 28M. A. Lawal, R. A. Shaikh, and S. R. Hassan, “An Anomaly Mitigation Framework for IoT Using Fog Computing,” Electronics 9 (2020): 1565.
- 29M. Elrawy, A. Awad, and H. Hamed, “Intrusion Detection Systems for IoT-Based Smart Environments: A Survey,” Journal of Cloud Computing 7 (2018): 21, https://doi.org/10.1186/s13677-018-0123-6.
10.1186/s13677-018-0123-6 Google Scholar
- 30R. Sahani, C. Rout, J. C. Badajena, A. K. Jena, and H. Das, “ Classification of Intrusion Detection Using Data Mining Techniques,” in Progress in Computing, Analytics and Networking (New York, NY: Springer, 2018), 753–764.
10.1007/978-981-10-7871-2_72 Google Scholar
- 31B. Ingre, A. Yadav, and A. K. Soni, “ Decision Tree Based Intrusion Detection System for NSL-KDD Dataset,” in Information and Communication Technology for Intelligent Systems (ICTIS 2017) – Volume 2. ICTIS 2017. Smart Innovation, Systems and Technologies, vol. 84, eds. S. Satapathy and A. Joshi (Cham: Springer, 2018), https://doi.org/10.1007/978-3-319-63645-0_23.
- 32N. G. Relan and D. R. Patil, “ Implementation of Network Intrusion Detection System Using Variant of Decision Tree Algorithm,” in 2015 International Conference on Nascent Technologies in the Engineering Field (ICNTE) (Navi Mumbai, India: IEEE, 2015), 1–5, https://doi.org/10.1109/ICNTE.2015.7029925.
10.1109/ICNTE.2015.7029925 Google Scholar
- 33S. Tong and D. Koller, “Support Vector Machine Active Learning With Applications to Text Classification,” Journal of Machine Learning Research 2 (2001): 45–66.
- 34B. Yan and G. Han, “Effective Feature Extraction via Stacked Sparse Autoencoder to Improve Intrusion Detection System,” IEEE Access 6 (2018): 41238–41248, https://doi.org/10.1109/ACCESS.2018.2858277.
- 35A.-C. Enache and V. V. Patriciu, “ Intrusions Detection Based on Support Vector Machine Optimized With Swarm Intelligence,” in 2014 IEEE 9th IEEE International Symposium on Applied Computational Intelligence and Informatics (SACI) (Timisoara, Romania: IEEE, 2014), 153–158, https://doi.org/10.1109/SACI.2014.6840052.
10.1109/SACI.2014.6840052 Google Scholar
- 36W. Li, P. Yi, Y. Wu, L. Pan, and J. Li, “A New Intrusion Detection System Based on KNN Classification Algorithm in Wireless Sensor Network,” Journal of Electrical and Computer Engineering 2014 (2014): 240217:1–240217:8.
10.1155/2014/240217 Google Scholar
- 37L. Koc, T. A. Mazzuchi, and S. Sarkani, “A Network Intrusion Detection System Based on a Hidden Naïve Bayes Multiclass Classifier,” Expert Systems with Applications 39, no. 18 (2012): 13492–13500.
- 38J. Gu and S. Lu, “An Effective Intrusion Detection Approach Using SVM With naïve Bayes Feature Embedding,” Computers & Security 103 (2021): 102158, https://doi.org/10.1016/j.cose.2020.102158.
- 39S. Hanif, T. Ilyas, and M. Zeeshan, “Intrusion Detection In IoT Using Artificial Neural Networks On UNSW-15 Dataset,” (2019), 152–156, https://doi.org/10.1109/HONET.2019.8908122.
10.1109/HONET.2019.8908122 Google Scholar
- 40A. Z. Kiflay, A. Tsokanos, and R. Kirner, “ A Network Intrusion Detection System Using Ensemble Machine Learning,” in 2021 International Carnahan Conference on Security Technology (ICCST) (Hatfield, United Kingdom: IEEE, 2021), 1–6, https://doi.org/10.1109/ICCST49569.2021.9717397.
10.1109/ICCST49569.2021.9717397 Google Scholar
- 41N. Farnaaz and M. A. Jabbar, “Random Forest Modeling for Network Intrusion Detection System,” Procedia Computer Science 89 (2016): 213–217, https://doi.org/10.1016/j.procs.2016.06.047.
10.1016/j.procs.2016.06.047 Google Scholar
- 42M. Mazini, B. Shirazi, and I. Mahdavi, “Anomaly Network-Based Intrusion Detection System Using a Reliable Hybrid Artificial Bee Colony and AdaBoost Algorithms,” Journal of King Saud University, Computer and Information Sciences 31, no. 4 (2019): 541–553, https://doi.org/10.1016/j.jksuci.2018.03.011.
- 43Y. Shen, K. Zheng, C. Wu, M. Zhang, X. Niu, and Y. Yang, “An Ensemble Method Based on Selection Using Bat Algorithm for Intrusion Detection,” Computer Journal 61, no. 4 (2018): 526–538.
- 44S. Roy, J. Li, B.-J. Choi, and Y. Bai, “A Lightweight Supervised Intrusion Detection Mechanism for IoT Networks,” Future Generation Computer Systems 127 (2022): 276–285.
- 45M. Usama, J. Qadir, A. Raza, et al., “Unsupervised Machine Learning for Networking: Techniques, Applications and Research Challenges,” IEEE Access 7 (2019): 65579–65615.
- 46S. Wang, J. Cai, Q. Lin, and W. Guo, “An Overview of Unsupervised Deep Feature Representation for Text Categorization,” IEEE Transactions on Computational Social Systems 6, no. 3 (2019): 504–517.
- 47S. Kanjanawattana, “A Novel Outlier Detection Applied to an Adaptive K-Means,” International Journal of Machine Learning and Cybernetics 9 (2019): 569–574.
- 48P. Chapagain, A. Timalsina, M. Bhandari, and R. Chitrakar, “ Intrusion Detection Based on PCA With Improved K-Means,” in Innovations in Electrical and Electronic Engineering. ICEEE 2022. Lecture Notes in Electrical Engineering, vol. 894, eds. S. Mekhilef, R. N. Shaw, and P. Siano (Singapore: Springer, 2022), https://doi.org/10.1007/978-981-19-1677-9_2.
- 49Y. K. Saheed, A. I. Abiodun, S. Misra, M. K. Holone, and R. Colomo-Palacios, “A Machine Learning-Based Intrusion Detection for Detecting Internet of Things Network Attacks,” Alexandria Engineering Journal 61, no. 12 (2022): 9395–9409.
- 50Y. Goodfellow, A. C. Bengio, and Y. Bengio, Deep Learning (Cambridge, MA, USA: MIT Press, 2016).
- 51H. Zhang, L. Huang, C. Q. Wu, and Z. Li, “An Effective Convolutional Neural Network Based on SMOTE and Gaussian Mixture Model for Intrusion Detection in Imbalanced Dataset,” Computer Networks 177 (2020): 107315.
- 52A. El-Ghamry, A. Darwish, and A. E. Hassanien, “An Optimized CNN-Based Intrusion Detection System for Reducing Risks in Smart Farming,” Internet of Things 22 (2023): 100709, https://doi.org/10.1016/j.iot.2023.100709.
- 53Y. Wang, J. Wang, and H. Jin, “Network Intrusion Detection Method Based on Improved CNN in Internet of Things Environment,” Mobile Information Systems 2022 (2022): 10, https://doi.org/10.1155/2022/3850582.
- 54C. Yin, Y. Zhu, J. Fei, and X. He, “A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks,” IEEE Access 5 (2017): 21954–21961, https://doi.org/10.1109/ACCESS.2017.2762418.
- 55M. Almiani, A. AbuGhazleh, A. Al-Rahayfeh, S. Atiewi, and A. Razaque, “Deep Recurrent Neural Network for IoT Intrusion Detection System,” Simulation Modelling Practice and Theory 101 (2020): 102031.
- 56D. Dasgupta, Z. Akhtar, and S. Sen, “Machine Learning in Cybersecurity: A Comprehensive Survey,” Journal of Defense Modeling and Simulation 19 (2020): 1–50, https://doi.org/10.1177/1548512920951275.
10.1177/1548512920951275 Google Scholar
- 57K. S. Elsaeidy, D. S. Munasinghe, and A. Jamalipour, “Intrusion Detection in Smart Cities Using Restricted Boltzmann Machines,” Journal of Network and Computer Applications 135 (2019): 76–83.
- 58R. Malik, Y. Singh, Z. A. Sheikh, P. Anand, P. K. Singh, and T. C. Workneh, “An Improved Deep Belief Network IDS on IoT-Based Network for Traffic Systems,” Journal of Advanced Transportation 2022 (2022): 17, https://doi.org/10.1155/2022/7892130.
- 59Y. N. Kunang, S. Nurmaini, D. Stiawan, A. Zarkasi, Firdaus, and Jasmir, “ Automatic Features Extraction Using Autoencoder in Intrusion Detection System,” in 2018 International Conference on Electrical Engineering and Computer Science (ICECOS) (Pangkal, Indonesia: IEEE, 2018), 219–224, https://doi.org/10.1109/ICECOS.2018.8605181.
10.1109/ICECOS.2018.8605181 Google Scholar
- 60A. Abbas, M. A. Khan, S. Latif, M. Ajaz, A. A. Shah, and J. Ahmad, “A New Ensemble-Based Intrusion Detection System for Internet of Things,” Arabian Journal for Science and Engineering 47 (2022): 1805–1819.
- 61Y. Zhang, H. Zhang, and B. Zhang, “An Effective Ensemble Automatic Feature Selection Method for Network Intrusion Detection,” Information 13 (2022): 314, https://doi.org/10.3390/info13070314.
- 62K. Albulayhi, Q. Abu Al-Haija, S. A. Alsuhibany, A. A. Jillepalli, M. Ashrafuzzaman, and F. T. Sheldon, “IoT Intrusion Detection Using Machine Learning With a Novel High Performing Feature Selection Method,” Applied Sciences 12 (2022): 5015.
- 63A. Dahou, M. A. Elaziz, S. A. Chelloug, et al., “Intrusion Detection System for IoT Based on Deep Learning and Modified Reptile Search Algorithm,” Computational Intelligence and Neuroscience 2022 (2022): 15, https://doi.org/10.1155/2022/6473507.
- 64X.-H. Nguyen, X.-D. Nguyen, H.-H. Huynh, and K.-H. Le, “Realguard: A Lightweight Network Intrusion Detection System for IoT Gateways,” Sensors 22 (2022): 432, https://doi.org/10.3390/s22020432.
- 65A. Awajan, “A Novel Deep Learning-Based Intrusion Detection System for IoT Networks,” Computers 12 (2023): 34, https://doi.org/10.3390/computers12020034.
- 66J. A. Faysal, S. T. Mostafa, J. S. Tamanna, et al., “XGB-RF: A Hybrid Machine Learning Approach for IoT Intrusion Detection,” Telecom 3 (2022): 52–69, https://doi.org/10.3390/telecom3010003.
- 67Ü. Çavuşoğlu, “A New Hybrid Approach for Intrusion Detection Using Machine Learning Methods,” Applied Intelligence 49 (2019): 2735–2761.
- 68R. Zhao, G. Gui, Z. Xue, et al., “A Novel Intrusion Detection Method Based on Lightweight Neural Network for Internet of Things,” IEEE Internet of Things Journal 9, no. 12 (2022): 9960–9972, https://doi.org/10.1109/JIOT.2021.3119055.
- 69M. Nobakht, V. Sivaraman, and R. Boreli, “ A Host-Based Intrusion Detection and Mitigation Framework for Smart Home IoT Using OpenFlow,” in 2016 11th International Conference on Availability, Reliability and Security (ARES) (Salzburg, Austria: IEEE, 2016), 147–156, https://doi.org/10.1109/ARES.2016.64.
10.1109/ARES.2016.64 Google Scholar
- 70P. Nimbalkar and D. Kshirsagar, “Feature Selection for Intrusion Detection System in Internet-Of-Things (IoT),” ICT Express 7, no. 2 (2021): 177–181.
- 71X. Wang and X. Lu, “A Host-Based Anomaly Detection Framework Using XGBoost and LSTM for IoT Devices,” Wireless Communications and Mobile Computing 2020 (2020): 1–13, https://doi.org/10.1155/2020/8838571.
- 72M. A. Rahman, A. T. Asyhari, L. S. Leong, G. B. Satrya, M. H. Tao, and M. F. Zolkipli, “Scalable Machine Learning-Based Intrusion Detection System for IoT-Enabled Smart Cities,” Sustainable Cities and Society 61 (2020): 102324, https://doi.org/10.1016/j.scs.2020.102324.
- 73R. Gassais, N. Ezzati-Jivan, J. M. Fernandez, D. Aloise, and M. R. Dagenais, “Multi-Level Host-Based Intrusion Detection System for Internet of Things,” Journal of Cloud Computing 9 (2020): 62, https://doi.org/10.1186/s13677-020-00206-6.
10.1186/s13677-020-00206-6 Google Scholar
- 74Z. Ahmad, A. S. Khan, K. Zen, and F. Ahmad, “MS-ADS: Multistage Spectrogram Image-Based Anomaly Detection System for IoT Security,” Transactions on Emerging Telecommunications Technologies 34, no. 8 (2023): e4810, https://doi.org/10.1002/ett.4810.
- 75M. Poongodi and M. Hamdi, “Intrusion Detection System Using Distributed Multilevel Discriminator in GAN for IoT System,” Transactions on Emerging Telecommunications Technologies 34, no. 11 (2023): e4815, https://doi.org/10.1002/ett.4815.
- 76M. Tavallaee, N. Stakhanova, and A. A. Ghorbani, “Toward Credible Evaluation of Anomaly-Based Intrusion-Detection Methods,” IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews) 40, no. 5 (2010): 516–524, https://doi.org/10.1109/TSMCC.2010.2048428.
- 77 C. I. for Cybersecurity (CIC), “IDS 2017 j Datasets j Research j Canadian Institute for Cybersecurity j UNB.” 2017, https://www.unb.ca/cic/datasets/ids-2017.html.
- 78G. Karatas, O. Demir, and O. K. Sahingoz, “Increasing the Performance of Machine Learning-Based IDSs on an Imbalanced and Up-to-Date Dataset,” IEEE Access 8 (2020): 32150–32162, https://doi.org/10.1109/ACCESS.2020.2973219.
