Smart deep learning model for enhanced IoT intrusion detection.

Growing volumes and sensitivities of information in the growing IoT require strong cybersecurity measures to adequately counter increasingly sophisticated cyberattacks. Machine learning-based anomaly detection has the potential to be a viable solution through abnormal network traffic behavior identification that foretells intrusions. Existing approaches, however, are usually hampered by the inability to effectively counter the sophisticated and evolving nature of such threats, especially in preprocessing optimization and hyperparameter tuning, which typically adopt conventional machine learning and deep learning models. This paper addresses these limitations with large preprocessing steps followed by hyperparameter tuning of machine learning XGBoost and deep learning Sequential Neural Network (OSNN) algorithms through Grid Search for their best values to improve multiclass intrusion detection across varied datasets. These deep models were then augmented with a variety of various filters, kernels, activation functions, and regularization techniques in an attempt to boost them in detecting complex, multiclass intrusion patterns. The proposed system was tested comprehensively on three challenging datasets: NSL-KDD, UNSW-NB15, and CICIDS2017. The optimized XGBoost model worked exceptionally well on the NSL-KDD dataset with very high accuracy (99.93%), F1-score (99.84%), MCC (99.86%), and a very low FPR (0.0004). The optimized SNN model also performed well on the NSL-KDD dataset with an accuracy of 99.0% and an AUC of 1.00. Also, the OSNN model performed very well on UNSW-NB15 dataset with an accuracy of 96.80% and a loss of 0.0777, as well as on the CICIDS-2017 dataset with an accuracy of 99.53% and a loss of 0.0236. This superb performance of the OSNN model can be explained by the careful optimization of hyperparameters like strong activation functions (ReLU, GeLU, LeakyReLU), learning rates, dropout rates, and regularization techniques that enable it to learn intricate intrusion patterns efficiently using various datasets. These results highlight the potential of our proposed method to enhance intrusion detection, system integrity, fraud prevention, and ultimately optimize overall network performance.