Litcius/Paper detail

Enhancing cybersecurity in IoT systems: a hybrid deep learning approach for real-time attack detection

Mohammad Zahid, Taran Singh Bharati

2025Discover Internet of Things21 citationsDOIOpen Access PDF

Abstract

Cybersecurity risks have increased due to the growing ubiquity of Internet of Things (IoT) technology, making attack and anomaly detection a major concern. IoT systems face growing threats from attacks such as Distributed Denial of Service (DDoS), Denial of Service (DoS), Probing, R2L (Remote to Local), U2R (User to Root), Malware, Scanning, Port Scan, and Bot, all of which can seriously jeopardize system integrity, as they become more and more integrated into multiple domains. This paper proposes a hybrid deep learning model (CNN-BiLSTM) using CNN combined with Bidirectional Long Short-Term Memory (Bi-LSTM) for the better detection of such attacks in real-time. The proposed hybrid deep learning model (CNN-BiLSTM) was extensively evaluated on three benchmark datasets, namely KDDCup99, NSL-KDD, and CIC_IDS_2017. The proposed model exhibited outstanding performance on these datasets and yielded an accuracy of 99.9% on KDDCup99, 99.8% on NSL-KDD, and 98.0% on CIC_IDS_2017. Precision, recall, and F1 scores are similar in all attack categories, especially on complex threats such as DoS, DDoS, and malware. A comparison study with the state-of-the-art technique reflects our proposed model's superiority in terms of precision and recall. It offers a good lead toward real-world application and could be piloted in IoT environments by integrating into real-time security platforms to mitigate progressive cyber threats. The contribution of this work is a robust and scalable solution in the fast-growing IoT security area to both present and future challenges in securing critical infrastructures. This study presents a novel hybrid deep learning framework that uniquely integrates a Convolutional Neural Network (CNN) for high-dimensional feature extraction with Bidirectional Long Short-Term Memory (BiLSTM) to preserve temporal dependencies in network traffic patterns. Unlike conventional approaches, this model incorporates feature selection using the Least Absolute Shrinkage and Selection Operator (LASSO), ensuring computational efficiency. Furthermore, we employ the Synthetic Minority Over-sampling Technique (SMOTE) to mitigate class imbalance, an issue often overlooked in prior works.

Topics & Concepts

Computer securityInternet of ThingsComputer scienceDeep learningReal-time computingArtificial intelligenceEmbedded systemNetwork Security and Intrusion DetectionAdvanced Malware Detection TechniquesAnomaly Detection Techniques and Applications