Электронный каталог

Статья

Gaber, M.I.
Development of Advanced Intrusion Detection Approach Using Machine and Ensemble Learning for Industrial Internet of Things Networks / M.I.Gaber, A.V.Nechaevskiy. – Text : electronic // Компьютерные исследования и моделирование. – 2025. – Т. 17, № 5. – P. 799-827. – URL: https://doi.org/10.20537/2076-7633-2025-17-5-799-827. – Bibliogr.: P.825-827.

The Industrial Internet of Things (IIoT) networks plays a significant role in enhancing industrial automation systems by connecting industrial devices for real time data monitoring and predictive maintenance. However, this connectivity introduces new vulnerabilities which demand the development of advanced intrusion detection systems. The nuclear facilities are considered one of the closest examples of critical infrastructures that suffer from high vulnerability through the connectivity of IIoT networks. This paper develops a robust intrusion detection approach using machine and ensemble learning algorithms specifically determined for IIoT networks. This approach can achieve optimal performance with low time complexity suitable for real-time IIoT networks. For each algorithm, Grid Search is determined to fine-tune the hyperparameters for optimizing the performance while ensuring time computational efficiency. The proposed approach is investigated on recent IIoT intrusion detection datasets, WUSTL-IIOT-2021 and Edge-IIoT-2022 to cover a wider range of attacks with high precision and minimum false alarms. The study provides the effectiveness of ten machine and ensemble learning models on selected features of the datasets. Synthetic Minority Over-sampling Technique (SMOTE)-based multi-class balancing is used to manipulate dataset imbalances. The ensemble voting classifier is used to combine the best models with the best hyperparameters for raising their advantages to improve the performance with the least time complexity. The machine and ensemble learning algorithms are evaluated based on accuracy, precision, recall, F1 Score, and time complexity. This evaluation can discriminate the most suitable candidates for further optimization. The proposed approach is called the XCL approach that is based on Extreme Gradient Boosting (XGBoost), CatBoost (Categorical Boosting), and Light Gradient- Boosting Machine (LightGBM). It achieves high accuracy, lower false positive rate, and efficient time complexity. The results refer to the importance of ensemble strategies, algorithm selection, and hyperparameter optimization in enhancing the performance to detect the different intrusions across the IIoT datasets over the other models. The developed approach produced a higher accuracy of 99.99% on the WUSTL-IIOT-2021 dataset and 100% on the Edge-IIoTset dataset. Our experimental evaluations have been extended to the CIC-IDS-2017 dataset. These additional evaluations not only highlight the applicability of the XCL approach on a wide spectrum of intrusion detection scenarios but also confirm its scalability and effectiveness in real-world complex network environments.



ОИЯИ = ОИЯИ (JINR)2025
Спец.(статьи,препринты) = Ц 849 - Искусственный интеллект. Теория и практика
Спец.(статьи,препринты) = С 325.1а - Нейронные сети и клеточные автоматы