MACHINE LEARNING BASED INTRUSION DETECTION SYSTEM FOR IOT NETWORKS UTILIZING LIGHTWEIGHT PROTOCOLS MQTT AND COAP

Abstract

With the massive growth of IoT devices, the attack surfaces have intensified, making cybersecurity a critical component for protecting organizational boundaries. Advancements in cybersecurity have increasingly integrated machine learning techniques to strengthen the identification and prevention of sophisticated threats. Intrusion Detection Systems (IDS) play a pivotal role in network security, IDS is employed in networks to raise critical flags during network management, particularly for malicious traffic identification and the detection of attacks, which remain a significant challenge. Traditional models often fall short due to their dependence on static rules and signature-based methods. This paper presents a cutting-edge IDS framework that leverages a combination of machine learning algorithms like Random Forest, Gradient Boosting, Naive Bayes, XGBoost, and Decision Trees to enhance both anomaly detection and threat classification. Tested on real network traffic, the system demonstrated an impressive accuracy rate of 99.46%. Furthermore, most existing research predominantly relies on datasets like NSL-KDD, KDD-CUP99, or CICIDS, which do not accurately reflect the traffic and attack patterns associated with lightweight communication protocols such as MQTT and CoAP, commonly used in IoT networks. To address this limitation, we utilized a more realistic dataset, the NET-SEC (Network Security) dataset, designed specifically for smaller network environments. This IDS offers a highly efficient and scalable solution, effectively addressing the limitations of conventional systems while providing robust, adaptive protection against evolving security threats.