Transforming IIoT Security Leveraging Deep Learning and Feature Selection for Superior Intrusion Detection
Keywords:
IIoT Security, Intrusion Detection Systems, Deep Learning, Feature Selection, BiLSTM, Recursive Feature EliminationAbstract
The Industrial Internet of Things (IIoT) has revolutionized industrial operations but has also brought forth significant cybersecurity challenges, demanding the development of advanced Intrusion Detection Systems (IDS). This study presents a feature-driven approach to enhance IDS performance in IIoT environments. By utilizing Recursive Feature Elimination (RFE) combined with Mutual Information (MI) for feature selection, we identified the most relevant attributes from the UNSW-NB15 dataset, improving detection accuracy while reducing computational complexity. Several deep learning models, including Convolutional Neural Networks (CNN), Residual Neural Networks (ResNet), Long Short-Term Memory (LSTM), and Bidirectional LSTM (BiLSTM), were evaluated. Among them, BiLSTM delivered the best performance, achieving a recall of 96.96%, an F1-score of 97.06%, and a Matthews Correlation Coefficient (MCC) of 0.93, outperforming other models in detecting complex attack patterns. However, its high computational cost, with training time exceeding 3500 seconds, underscores the need for optimization for real-time deployment. The results highlight the potential of combining feature selection techniques with deep learning models to enhance IDS for IIoT. Future work will focus on optimizing BiLSTM for faster deployment, integrating hybrid models, and testing across diverse datasets to further improve real-time security solutions for IIoT environments.
References
O. O. Olaniyi, O. J. Okunleye, and S. O. Olabanji, “Advancing data-driven decision-making in smart cities through big data analytics: A comprehensive review of existing literature,” Current Journal of Applied Science and Technology (CJAST), vol. 42, no. 25, pp. 10–18, 2023, https://doi.org/10.9734/cjast/2023/v42i254181.
L. Idouglid, S. Tkatek, and K. Elfayq, “Performance evaluation of deep learning models for sequence-based intrusion detection,” International Journal on Electrical Engineering and Informatics, vol. 17, no. 1, pp. 63-77, 2025, https://doi.org/10.15676/ijeei.2025.17.1.5.
M. Jouhari and M. Guizani, “Lightweight CNN-BiLSTM based intrusion detection systems for resource-constrained IoT devices,” June 4, 2024, arXiv: arXiv:2406.02768. https://doi.org/10.1109/IWCMC61514.2024.10592352.
M. Macas, C. Wu, and W. Fuertes, “A survey on deep learning for cybersecurity: Progress, challenges, and opportunities,” Computer Networks, vol. 212, p. 109032, 2022, https://doi.org/10.1016/j.comnet.2022.109032.
M. Mehmood et al., “A hybrid approach for network intrusion detection,” Computers, Materials & Continua, vol. 70, no. 1, pp. 91–107, 2022, https://doi.org/10.32604/cmc.2022.019127.
M. Jouhari, H. Benaddi, and K. Ibrahimi, “Efficient intrusion detection: Combining $χ^2$ feature selection with CNN-BiLSTM on the UNSW-NB15 dataset,” July 20, 2024, arXiv: arXiv:2407.14945. https://doi.org/10.1109/WINCOM62286.2024.10658099.
P. V. Dinh, D. N. Nguyen, D. T. Hoang, Q. U. Nguyen, E. Dutkiewicz, and S. P. Bao, “Multiple-input auto-encoder guided feature selection for IoT intrusion detection systems,” March 22, 2024, arXiv: arXiv:2403.15511. https://doi.org/10.1109/ICC51166.2024.10622942.
M. Sarhan, S. Layeghy, N. Moustafa, M. Gallagher, and M. Portmann, “Feature extraction for machine learning-based intrusion detection in IoT networks,” Digital Communications and Networks, vol. 10, no. 1, pp. 205–216, 2024, https://doi.org/10.1016/j.dcan.2022.08.012.
M. Sarhan, S. Layeghy, and M. Portmann, “Feature analysis for machine learning-based IoT intrusion detection,” November 23, 2022, arXiv: arXiv:2108.12732. https://doi.org/10.21203/rs.3.rs-2035633/v1.
D. Chicco and G. Jurman, “The advantages of the Matthews correlation coefficient (MCC) over F1 score and accuracy in binary classification evaluation,” BMC Genomics, vol. 21, no. 1, p. 6, 2020, https://doi.org/10.1186/s12864-019-6413-7.
L. Idouglid, S. Tkatek, K. Elfayq, and A. Guezzaz, “Next-gen security in IIoT: Integrating intrusion detection systems with machine learning for industry 4.0 resilience,” International Journal of Electrical and Computer Engineering (IJECE), vol. 14, no. 3, p. 3512, 2024, https://doi.org/10.11591/ijece.v14i3.pp3512-3521.
Ž. Ð. Vujovic, “Classification model evaluation metrics,” International Journal of Advanced Computer Science and Applications (IJACSA), vol. 12, no. 6, 2021, https://doi.org/10.14569/IJACSA.2021.0120670.
N. Moustafa and J. Slay, “UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set),” Proceedings of the 2015 IEEE Military Communications and Information Systems Conference (MilCIS), Canberra, Australia: IEEE, Nov. 2015, pp. 1–6. https://doi.org/10.1109/MilCIS.2015.7348942.
A. Seraj et al., “Cross-validation,” in Handbook of Hydroinformatics, Elsevier, 2023, pp. 89–105. https://doi.org/10.1016/B978-0-12-821285-1.00021-X.
M. Yang and J. Zhang, “Data anomaly detection in the Internet of Things: A review of current trends and research challenges,” International Journal of Advanced Computer Science and Applications(IJACSA), vol. 14, no. 9, 2023, https://doi.org/10.14569/IJACSA.2023.0140901.
V. Demertzi, S. Demertzis, and K. Demertzis, “An overview of privacy dimensions on the Industrial Internet of Things (IIoT),” Algorithms, vol. 16, no. 8, p. 378, 2023, https://doi.org/10.3390/a16080378.
A. Heidari and M. A. Jabraeil Jamali, “Internet of Things intrusion detection systems: a comprehensive review and future directions,” Cluster Comput, vol. 26, no. 6, pp. 3753–3780, 2023, https://doi.org/10.1007/s10586-022-03776-z.
L. Idouglid, S. Tkatek, K. Elfayq, and A. Guezzaz, “A novel anomaly detection model for the Industrial Internet of Things using machine learning techniques,” Radioelectronic and Computer Systems, no. 1, 2024, https://doi.org/10.32620/reks.2024.1.12.
O. F. Awad, L. R. Hazim, A. A. Jasim, and O. Ata, “Enhancing IIoT security with machine learning and deep learning for intrusion detection,” Malaysian Journal of Computer Science (MJCS), vol. 37, no. 2, pp. 139–153, 2024, https://doi.org/10.22452/mjcs.vol37no2.3.
M. A. Alsoufi et al., “Anomaly-based intrusion detection systems in IoT using deep learning: A systematic literature review,” Applied Sciences, vol. 11, no. 18, p. 8383, 2021, https://doi.org/10.3390/app11188383.
S. D. A. Rihan, M. Anbar, and B. A. Alabsi, “Approach for detecting attacks on IoT networks based on ensemble feature selection and deep learning models,” Sensors, vol. 23, no. 17, p. 7342, 2023, https://doi.org/10.3390/s23177342.
N. B. Yusup, Hybrid Feature Selection Technique for Classification of Human Activity Recognition, PhD Thesis, Universiti Teknologi Malaysia, 2021.
J. Li, H. Chen, M. O. Shahizan, and L. M. Yusuf, “Enhancing IoT security: A comparative study of feature reduction techniques for intrusion detection system,” Intelligent Systems with Applications, vol. 23, p. 200407, 2024, https://doi.org/10.1016/j.iswa.2024.200407.
J. B. Awotunde, C. Chakraborty, and A. E. Adeniyi, “Intrusion detection in Industrial Internet of Things network‐based on deep learning model with rule‐based feature selection,” Wireless Communications and Mobile Computing, vol. 2021, no. 1, p. 7154587, 2021, https://doi.org/10.1155/2021/7154587.
B. I. Hairab, M. Said Elsayed, A. D. Jurcut, and M. A. Azer, “Anomaly detection based on CNN and regularization techniques against zero-day attacks in IoT networks,” IEEE Access, vol. 10, pp. 98427–98440, 2022, https://doi.org/10.1109/ACCESS.2022.3206367.
A. Chatterjee and B. S. Ahmed, “IoT anomaly detection methods and applications: A survey,” Internet of Things, vol. 19, p. 100568, 2022, https://doi.org/10.1016/j.iot.2022.100568.
I. Ullah and Q. H. Mahmoud, “Design and development of RNN anomaly detection model for IoT networks,” IEEE Access, vol. 10, pp. 62722–62750, 2022, https://doi.org/10.1109/ACCESS.2022.3176317.
Y. Zhang, Y. Liu, X. Guo, Z. Liu, X. Zhang, and K. Liang, “A BiLSTM-based DDoS attack detection method for edge computing,” Energies, vol. 15, no. 21, p. 7882, 2022, https://doi.org/10.3390/en15217882.
H. C. Altunay and Z. Albayrak, “A hybrid CNN+LSTM-based intrusion detection system for industrial IoT networks,” Engineering Science and Technology, an International Journal, vol. 38, p. 101322, 2023, https://doi.org/10.1016/j.jestch.2022.101322.
L. Xiaoyan and R. C. Raga, “BiLSTM model with attention mechanism for sentiment classification on Chinese mixed text comments,” IEEE Access, vol. 11, pp. 26199–26210, 2023, https://doi.org/10.1109/ACCESS.2023.3255990.
H. Kheddar, Y. Himeur, and A. I. Awad, “Deep transfer learning for intrusion detection in industrial control networks: A comprehensive review,” Journal of Network and Computer Applications, vol. 220, p. 103760, 2023, https://doi.org/10.1016/j.jnca.2023.103760.
M. Mohy-Eddine, A. Guezzaz, S. Benkirane, M. Azrour, and Y. Farhaoui, “An ensemble learning based intrusion detection model for industrial IoT security,” Big Data Min. Anal., vol. 6, no. 3, pp. 273–287, 2023, https://doi.org/10.26599/BDMA.2022.9020032.
A. E. Karrar, “The effect of using data pre-processing by imputations in handling missing values,” Indonesian Journal of Electrical Engineering and Informatics (IJEEI), vol. 10, no. 2, pp. 375–384, 2022, https://doi.org/10.52549/ijeei.v10i2.3730.
A. Verma and V. Ranga, “Machine learning based intrusion detection systems for IoT applications,” Wireless Pers Commun, vol. 111, no. 4, pp. 2287–2310, 2020, https://doi.org/10.1007/s11277-019-06986-8.
W. Lian, G. Nie, B. Jia, D. Shi, Q. Fan, and Y. Liang, “An intrusion detection method based on decision tree-recursive feature elimination in ensemble learning,” Mathematical Problems in Engineering, vol. 2020, pp. 1–15, 2020, https://doi.org/10.1155/2020/2835023.
M. Sahaya Sheela, “Enhancing wireless sensor network security through mutual information analysis for intrusion detection and resilience,” Journal of Electrical Systems (JES), vol. 20, no. 5s, pp. 1957–1965, 2024, https://doi.org/10.52783/jes.2532.
N. S. Yadav, V. P. Sharma, D. S. D. Reddy, and S. Mishra, “An effective network intrusion detection system using recursive feature elimination technique,” Engineering Proceedings, vol. 59, p. 99, 2023. https://doi.org/10.3390/engproc2023059099.
M. B. Musthafa et al., “Optimizing IoT intrusion detection using balanced class distribution, feature selection, and ensemble machine learning techniques,” Sensors, vol. 24, no. 13, p. 4293, 2024, https://doi.org/10.3390/s24134293.
A. Halbouni, T. S. Gunawan, M. H. Habaebi, M. Halbouni, M. Kartiwi, and R. Ahmad, “CNN-LSTM: Hybrid deep neural network for network intrusion detection system,” IEEE Access, vol. 10, pp. 99837–99849, 2022, https://doi.org/10.1109/ACCESS.2022.3206425.
R. Dhahbi and F. Jemili, “A deep learning approach for intrusion detection,” International Journal of Computer Science and Network Security, vol. 23, no. 10, pp. 89–96, 2023, doi: 10.22937/IJCSNS.2023.23.10.12.
I. Ullah and Q. H. Mahmoud, “Design and development of RNN anomaly detection model for IoT networks,” IEEE Access, vol. 10, pp. 62722–62750, 2022, https://doi.org/10.1109/ACCESS.2022.3176317.
S. Shende, S. Thorat, “Long Short-Term Memory (LSTM) deep learning method for intrusion detection in network security,” International Journal of Engineering Research & Technology (IJERT), vol. 9, no. 6, p. IJERTV9IS061016, 2020, https://doi.org/10.17577/IJERTV9IS061016.
D. V. Jeyanthi and B. Indrani, “IoT based intrusion detection system for healthcare using RNNBiLSTM deep learning strategy with custom features,” ITM Web of Conferences, vol. 57, p. 01009, 2023. https://doi.org/10.21203/rs.3.rs-2302072/v1.
A. A. Alahmadi et al., “DDoS attack detection in IoT-based networks using machine learning models: A survey and research directions,” Electronics, vol. 12, no. 14, p. 3103, 2023, https://doi.org/10.3390/electronics12143103.
Published
How to Cite
Issue
Section
License
International Journal of Computing is an open access journal. Authors who publish with this journal agree to the following terms:• Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
• Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
• Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.