A Hybrid Method for Intrusion Detection in the IOT

Document Type : Original Article


MSC.Computer Networks, Faculty of Electricity, Computer and Advanced Technologies of Urmia University, Iran


In computer networks, introducing an intrusion detection system with high precision and accuracy is considered vital. In this article, a proposed model using a deep learning algorithm is presented and its results are analyzed. To evaluate the performance of this algorithm, NSL-KDD, CIC-IDS 2018, UNSW-NB15 and MQTT datasets have been used. The evaluation criteria include precision, accuracy, F1 score, and, readability. The new approach uses a hybrid algorithm that includes a convolutional neural network (CNN) to extract general features and long-short-term memory (LSTM) to extract periodic features that are in the form of a layer. are cross-connected, it is introduced to detect penetration. This algorithm showed the highest known accuracy of 99% on the NSL-KDD dataset.  It has reached 97% in all criteria in UNSW-NB15, 96% in all criteria in CIC-IDS 2018, and also, in MQTT for three abstraction levels of features, i.e. packet-based flow features, unidirectional flow, and The two-way flow has reached above 97%, which shows the superiority of this algorithm.


  • Aljawarneh, M. Aldwairi, and M. B. Yassein, “Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model”, Journal of Computational Science, vol. 25, pp.152-160, 2018.
  • Susilo and R. F. Sari, “Intrusion detection in IoT networks using a deep learning algorithm. Information, vol. 11, no. 5, p. 279, 2020.
  • Grill, T. Pevný, M. and Rehak, “Reducing false positives of network anomaly detection by local adaptive multivariate smoothing”, Journal of Computer and System Sciences, vol. 83, pp.43-57, 2017.
  • Smys, A. Basar, and H. Wang, “Hybrid intrusion detection system for internet of things (IoT)”, Journal of ISMAC., vol. 2, no. 04, pp.190-9, 2020.
  • Meng, E. W. Tischhauser, Q. Wang, Y. Wang, and J. Han, “When intrusion detection meets blockchain technology: A review”, Ieee Access, vol. 6, pp.10179-10188, 2018.
  • Kim, J. Kim, H. Kim, M. Shim, and E. Choi, “CNN-based network intrusion detection against denial-of-service attacks”, Electronics, vol. 9, no. 6, p. 916, 2020.
  • A. Althubiti, E. M. Jones, and K. Roy, “LSTM for anomaly-based network intrusion detection”, In 2018 28th International Telecommunication Networks and Applications Conference (ITNAC), IEEE, 2018, pp. 1-3.
  • A. Khan, M. Karim, and Y. Kim, “A scalable and hybrid intrusion detection system based on the convolutional-LSTM network”, Symmetry, vol. 11, no. 4, p. 583, 2019.
  • Amar, and B. E. Ouahidi, “Weighted LSTM for intrusion detection and data mining to prevent attacks”, Int. J. Data Mining, Modell. Manage., vol. 12, no. 3, pp. 308–329, 2020.
  • Uddin, A. A. Rahman, N. Uddin, J. Memon, R. A. Alsaqour, and S. Kazi, “Signature-based MultiLayer Distributed Intrusion Detection System using Mobile Agents”, Int. J. Network Security, vol. 15, pp.97-105, 2013.
  • H. Hamamoto, L. F. Carvalho, L. D. H. Sampaio, T. Abrão, and M. L. Proença Jr, “Network anomaly detection system using genetic algorithm and fuzzy logic”, Expert Systems with Applications, vol. 92, pp. 390-402, 2018.
  • Yin, Y. Zhu, J. Fei, and X. He, “A deep learning approach for intrusion detection using recurrent neural networks”, Ieee Access, vol. 5 pp. 21954–21961, 2017
  • T. Nguyen, and K. Kim, “Genetic convolutional neural network for intrusion detection systems”, Future Gener. Comput. Syst., vol. 113, 418–427, 2020M. T. Nguyen, and K. Kim, “Genetic convolutional neural network for intrusion detection systems”, Future Gener. Comput. Syst., vol. 113, 418–427, 2020.
  • Ravi, R. Chaganti, and M. Alazab, “Recurrent deep learning-based feature fusion ensemble meta-classifier approach for intelligent network intrusion detection system”. Computers and Electrical Engineering, vol. 102, p. 108156, 2022
  • Saba, A. Rehman, T. Sadad, H. Kolivand, and S. A. Bahaj, “Anomaly-based intrusion detection system for IoT networks through deep learning model”, Computers and Electrical Engineering, vol. 99, p. 107810, 2022
  • Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, “A detailed analysis of the kdd cup 99 data set,” In Computational Intelligence for Security and Defense Applications, IEEE, 2009, pp. 1–6.
  • https://www.unb.ca/cic/datasets/ids-2018.html
  • Moustafa, and J. Slay, “UNSW-NB15: A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)”, In Proceedings of the 2015 Military Communications and Information Systems Conference (MilCIS), Canberra, Australia, IEEE, November 2015, pp. 1–6
  • Ring, S. Wunderlich, D. Gr¨udl, D. Landes, A. Hotho, “A Toolset for Intrusion and Insider Threat Detection, In Data Analytics and Decision Support for Cybersecurity, Cham, Springer, 2017, pp. 3–31. https://doi.org/10.1007/978-3-319-59439-2-1.
  • Goodfellow, Y. Bengio, and A. Courville, Deep Learning, MIT Press, 2016.
  • Deng, “Deep Learning: Methods and Applications,” Foundations and Trends in Signal Processing, vol. 7, no. 3-4, pp. 197–387, 2014
  • Choudhury and A. Bhowal, “Comparative analysis of machine learning algorithms along with classifiers for network intrusion detection,” In 2015 International Conference on Smart Technologies and Management for Computing, Communication, Controls, Energy and Materials (ICSTM), IEEE, May 2015, pp. 89–95.
  • Anbar, R. Abdullah, I. H. Hasbullah, Y. W. Chong, and O. E. Elejla, “Comparative performance analysis of classification algorithms for intrusion detection system,” In 2016 14th Annual Conference on Privacy, Security and Trust (PST), IEEE, Dec 2016, pp. 282– 288
  • Y. Aung and M. M. Min, “An analysis of random forest algorithm based network intrusion detection system”, In 2017 18th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD), IEEE, June 2017, pp. 127–132.
  • Garcia Cordero, S. Hauke, M. Muhlhauser, and M. Fischer, “Analyzing flow-based anomaly intrusion detection using Replicator Neural Networks,” In 2016 14th Annual Conference on Privacy, Security and Trust (PST). Auckland, New Zeland: IEEE, Dec 2016, pp. 317–324.
  • Wang, J. Zhang, and X. Wang, “Bilateral LSTM: A two-dimensional long shortterm memory model with multiply memory units for short-term cycle time forecasting in re-entrant manufacturing systems”, IEEE Transactions on Industrial Informatics, vol. 14, no. 2, pp. 748-758, 2017.
  • Guo, Y. Liu, A. Oerlemans, S. Lao, S. Wu, and M. S. Lew, “Deep learning for visual understanding: A review”, Neurocomputing, vol. 187, pp. 27-48, 2016.
  • M. Najafabadi, F. Villanustre, T. M. Khoshgoftaar, N. Seliya, R. Wald, and E. Muharemagc, “Deep Learning Techniques in Big Data Analytics”, In Big Data Technologies and Applications, Cham, Springer, 2016, pp. 133-156.
  • Malallah S. R. Zeebaree R. R. Zebari M. A. Sadeeq Z. S. Ageed, I. M. Ibrahim,... and K. J. Merceedi, “A Comprehensive Study of Kernel (Issues and Concepts) in Different Operating Systems”, Asian Journal of Research in Computer Science, vol. 8, no. 3, pp. 16-31, 2021.
  • Almiani, A. AbuGhazleh, A. Al-Rahayfeh, S. Atiewi, A. Razaque, “Deep recurrent neural network for IoT intrusion detection system”, Simulation Modelling Practice and Theory, vol. 101, p. 102031, 2020.
  • Kumar, “Evaluation metrics for intrusion detection systems-a study”, Evaluation, vol. 2, no. 11, pp.11-17, 2014.


  • Imrana Y. Xiang L. Ali, and Z. Abdul-Rauf, “A bidirectional LSTM deep learning approach for intrusion detection”, Expert Systems with Applications, vol. 185, p. 115524, 2021.
  • Liu, B. Kantarci, and C. Adams “Machine learning-driven intrusion detection for Contiki-NG-based IoT networks exposed to NSL-KDD dataset”, In Proceedings of the 2nd ACM workshop on wireless security and machine learning, 2020 Jul 13, pp. 25-30.
  • Gamage, J. Samarabandu, “Deep learning methods in network intrusion detection: A survey and an objective comparison”, Journal of Network and Computer Applications, vol. 169, p.102767, 2020.
  • Al-Emadi A. Al-Mohannadi, and F. Al-Senaid, “Using deep learning techniques for network intrusion detection”, In 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT), IEEE, 2020 Feb 2, pp. 171-176
  • Azizjon A. Jumabek, and W. Kim, “1D CNN-based network intrusion detection with normalization on imbalanced data”, In 2020 International Conference on Artificial Intelligence in Information and Communication (ICAIIC), IEEE, 2020 Feb 19, pp. 218-224.
  • M. Kasongo, and Y. Sun, “Performance analysis of intrusion detection systems using a feature selection method on the UNSW-NB15 dataset”, Journal of Big Data, vol. 7, no. 1, pp. 1-20, 2020.
  • R. Kanna and P. Santhi, “Unified deep learning approach for efficient intrusion detection system using integrated spatial–temporal features”, Knowledge-Based Systems, vol. 226, p.107132, 2021.
  • G. Gülmez and P. Angın, P. “A study on the efficacy of deep reinforcement learning for intrusion detection”, Sakarya University Journal of Computer and Information Sciences, vol. 4, no. 1, pp. 11-25, 2021.


 Hossein Faghih Aliabadi was born in 1995 in Mazandaran and received his M.Sc. in Computer Engineering from the University of Urmia, Iran in 2022  respectively. He has served as a reviewer for several journals and his research interests include IoT, Cloud Computing, and Deep learning.