Smart IoT Security: Lightweight Machine Learning Techniques for Multi-Class Attack Detection in IoT Networks

TL;DR

This paper evaluates lightweight machine learning ensemble methods for multi-class attack detection in IoT networks, demonstrating high accuracy with decision trees and random forests on the CICIoT 2023 dataset.

Contribution

It introduces new lightweight ensemble ML techniques tailored for IoT security, achieving high detection accuracy and efficiency on heterogeneous attack data.

Findings

Decision Tree achieved 99.56% accuracy

Random Forest achieved 98.22% accuracy

ML classifiers are effective for high-dimensional IoT attack data

Abstract

The Internet of Things (IoT) is expanding at an accelerated pace, making it critical to have secure networks to mitigate a variety of cyber threats. This study addresses the limitation of multi-class attack detection of IoT devices and presents new machine learning-based lightweight ensemble methods that exploit its strong machine learning framework. We used a dataset entitled CICIoT 2023, which has a total of 34 different attack types categorized into 10 categories, and methodically assessed the performance of a substantial array of current machine learning techniques in our goal to identify the best-performing algorithmic choice for IoT application protection. In this work, we focus on ML classifier-based methods to address the biocharges presented by the difficult and heterogeneous properties of the attack vectors in IoT ecosystems. The best-performing method was the Decision Tree, achieving 99.56% accuracy and 99.62% F1, indicating this model is capable of detecting threats accurately and reliably. The Random Forest model also performed nearly as well, with an accuracy of 98.22% and an F1 score of 98.24%, indicating that ML methods excel in a scenario of high-dimensional data. These findings emphasize the promise of integrating ML classifiers into the protective defenses of IoT devices and provide motivations for pursuing subsequent studies towards scalable, keystroke-based attack detection frameworks. We think that our approach offers a new avenue for constructing complex machine learning algorithms for low-resource IoT devices that strike a balance between accuracy requirements and time efficiency. In summary, these contributions expand and enhance the knowledge of the current IoT security literature, establishing a solid baseline and framework for smart, adaptive security to be used in IoT environments.