Portable Intrusion Detection in IoT Enabled Smart

City Networks: A Comparative Study of Machine

Learning Models
Malala Stembinkosi Shapola Bo Ni Atanu Shuvam Roy
School of Electronic Information School of Electronic Information Robotics & Automation Research Lab (RARL)
Nanjing University of Information Nanjing University of Information Jiangxi University of Science & Technology
Science and Technology Science and Technology Ganzhou, Jiangxi, China
Nanjing, China Nanjing, China Indian Institute of Technology, Kanpur, India
[email protected] [email protected] [email protected]

Abstract—The Internet of Things (IoT) is transforming many or hardwired passwords, insecure network configurations, and
industries through the integration of the Internet with electronic poor security protocols.
and mechanical devices, as well as sensors, to make more intel- A large portion of enterprises poorly secure their IoT infras-
ligent systems in applications such as healthcare, smart homes,
and public safety. This rapid growth in IoT devices has resulted tructure, leaving systems vulnerable to attacks that could lead
in significant security risks, turning these systems into targets for to data breaches, operational disruptions, and even physical
cybercriminals. To counter these weaknesses, Network Intrusion harm. The likes of the Mirai botnet attack have demonstrated
Detection Systems are deployed, which monitor network traffic how hacked IoT devices can be used to carry out large-scale
to identify potential malicious activities. This paper evaluates the Distributed Denial-of-Service attacks, underscoring the need
performance of machine learning models in detecting intrusions
within IoT-enabled smart city networks. For this, the UNSW- for improvements in IoT security. Given all these issues, NIDS
NB15 dataset is used, which contains realistic network traffic. The plays an important role in the monitoring of network traffic,
dataset was preprocessed, including handling missing data, one- detecting malicious actions within an IoT ecosystem. This
hot encoding categorical variables, and normalizing numerical work involves an analysis of the different machine learning
features. The paper performs multi-class classification to iden- models for the detection of intrusion in the IoT-integrated
tify specific attack types. We tested various machine learning
algorithms, including Decision Tree, K-Nearest Neighbor, Linear smart city networks.
Regression, etc. classifiers. The preprocessed dataset contained This paper presents the evaluation of different machine
61 attributes with 81,173 entries, which was sufficient for the learning algorithms using the UNSW-NB15 dataset, which
models to be thoroughly tested. The results provide a lot of includes a complete set of real network traffic data for finding
insight into the strengths and weaknesses of various machine the best performance regarding detection and classification
learning techniques in improving the security of IoT networks,
especially in critical applications in smart cities. of anomalous traffic or particular attack types. This research
Index Terms—internet of things, machine learning, security introduces a new application for remote network intrusion
risks, smart cities detection. It uses machine learning algorithms to analyze
network data in real time, allowing users to monitor and
I. I NTRODUCTION fix security issues from any location proactively. The study
aims at enhancing IoT security in smart city environments
Rapid advancements in the Internet of Things have really by integrating thorough data analysis with user-friendly and
transformed enterprises through the enabling of extraordinary practical solutions, thus contributing to safer and more robust
connectivity and automation across various industries. The systems for vital infrastructure and users.
Internet of Things has enabled intelligent solutions for various
key sectors, including healthcare, smart homes, transportation, II. L ITERATURE R EVIEW
and public safety-all due to a vast number of integrated de- Machine learning techniques have been extensively applied
vices, sensors, and systems. Statistics projects that the number to enhance the performance of intrusion detection systems. For
of IoT devices will surge beyond 29 billion by 2030, repre- instance, Geyer and Carle [1] proposed a method that com-
senting extensive adoptions of this disruptive technology. In bines ML with automated protocol design to improve network
parallel with exponential expansion comes considerable secu- management and security. Their approach utilizes supervised
rity vulnerability, resulting in very severe threats to individuals and unsupervised learning techniques to optimize routing pro-
and businesses alike. To date, with increasing deployment, tocols based on real-time network conditions, thereby enhanc-
IoT devices have progressively become targets of hackers by ing the resilience of smart city networks against intrusions.
exploiting such well-known vulnerabilities as using default IoT based applications have increased rapidly in recent years.
Some of the recent works are mentioned here as well to its enhanced efficacy compared to conventional techniques
signify the importance of network intrusion. For example, for attack classification. The model exhibited good detection
the integration of automated attendance management systems accuracy and a low false alarm rate when evaluated on the
has transformed traditional methods of tracking attendance NSL-KDD dataset, hence demonstrating its efficacy. This
in educational and organizational settings [2]. A systematic study evaluates all current machine learning approaches for
literature review in 2022 highlights the effectiveness of various IoT intrusion detection and presents the corresponding results.
technologies [3]. Other works include food delivery robots [4], III. M ETHODOLOGY
[5], IoT heart monitoring systems [6], computer vision moni-
toring [7] etc. Application-aware protocols play a critical role The concept of the Internet of Things (IoT) aims to ex-
in optimizing network resources based on specific application pand the Internet’s capabilities beyond traditional computers
requirements. Research by Guha Roy et al. [8] discusses how and smartphones to include a wide range of electronic and
application-layer protocols like MQTT-SN can be enhanced mechanical devices, sensors, and more. As the number of
through ML techniques to estimate end-to-end delays and IoT applications grows, so too do the associated security
message loss effectively. This adaptation not only improves vulnerabilities.
IoT devices are increasingly utilized in various sectors,
communication efficiency but also strengthens the overall
including fire safety systems, drones, smart homes, and health-
security posture by ensuring that critical applications receive
care. The potential consequences of unauthorized access to
the necessary resources to function securely under varying
these systems can be catastrophic. To mitigate these risks,
network conditions. Moreover, Kumar et al. [9] highlighted
organizations implement Network Intrusion Detection Systems
the significance of vulnerability mining using ML models in
(NIDS), which monitor traffic for malicious activity and help
IoT network protocols. The study emphasizes how ML can
safeguard their cloud, on-premise, or hybrid infrastructures.
identify potential vulnerabilities by analyzing abnormal data
patterns, which is crucial for preemptively addressing security A. Dataset
threats in IoT environments [8]. This proactive approach is For this paper the UNSW-NB15 Dataset [15] was utilized.
essential in smart cities where the interconnectedness of de- This dataset has been provided to us by UNSW Canberra.
vices can amplify the impact of security breaches. Despite the The dataset has collected nine sorts of attack scenarios, which
advancements in ML-based IDS, several challenges remain. comprises of Fuzzers, Analysis, Backdoors, Dos, Exploits,
The high computational demands of some ML algorithms etc. are performed with the generated dataset. To preprocess
can lead to increased latency, which is detrimental in real- and analyze this information, tools like Argus and Bro-IDS
time applications typical in smart cities. Furthermore, the need were used, enabling the extraction of 49 features via several
for extensive labeled datasets for training poses a significant methodologies.
hurdle, as acquiring such data can be resource-intensive and
B. Dataset Preparation
time-consuming [10].
Elif et al. [11] devised a semi-supervised anomaly detection The dataset utilized in this study focuses on multi-class
system employing the k-means algorithm to detect network classification and comprises 81,173 rows and 69 columns.
assaults. During training, normal samples were grouped, and The target feature, attack_cat, represents the classification
a threshold was determined based on distances from cluster of network attacks into nine categories: Analysis, Backdoor,
centroids utilizing a validation dataset. Evaluation on the NSL- DoS, Exploits, Fuzzers, Generic, Normal, Reconnaissance, and
KDD dataset confirmed the method’s efficacy, attaining an Worms.
accuracy of above 80%. A framework for intrusion detec- 1) Data Preprocessing: To prepare the dataset for model-
tion was suggested using swarm optimization with parameter ing, the following steps were undertaken:
tuning and feature selection in multiple criteria linear pro- • Encoding Target Attribute: The attack_cat attribute

gramming (MCLP) and support vector machine (SVM) [12]. was encoded using LabelEncoder(), mapping each
The approach enhances detection and reduces false alarm rates category to an integer label:
by limiting characteristics, utilizing chaotic principles and – Analysis → 0,
adaptive parameters to improve efficiency. Experiments on the – Backdoor → 1,
NSL-KDD dataset exhibited enhanced detection efficacy with – DoS → 2,
less false alarms relative to the utilization of all features. Wang – Exploits → 3,
et al. [13] proposed an anomaly-based intrusion detection – Fuzzers → 4,
system (IDS) utilizing the Online Sequential Extreme Learning – Generic → 5,
Machine (OS-ELM) to tackle issues such as elevated data – Normal → 6,
volume, diminished detection rates, and false positives. The – Reconnaissance → 7,
method utilizes alpha profiling to decrease time complexity – Worms → 8.
and a feature selection ensemble to eliminate unnecessary The encoded labels were stored in the label attribute.
features, whereas beta profiling reduces the size of the training • One-Hot Encoding: The attack_cat attribute was
dataset. Farnaaz et al. [14] created an intrusion detection also one-hot encoded to represent categories as binary
system utilizing a random forest classifier, capitalizing on vectors.
 2) Feature Selection: After preprocessing, the dataset Least Squares Objective:
was reduced to 16 significant attributes, referred to as  2
n d
multi_data, for training and testing. These attributes are X
yi − w0 −
X
min wj xij  , (6)
listed in the following tab:filteredf eatures w
i=1 j=1
3) Dataset Splitting: The datasets were split into training
and testing subsets as follows: where n is the number of data points.
• The multi-class classification dataset (multi_data) 4) Linear Support Vector Machine (SVM): A linear SVM
was split with 70% of the data for training and 30% for seeks to find the hyperplane that maximizes the margin be-
testing. tween classes. [22]
Objective Function:
4) Target Feature: The primary target feature for both
datasets is label, which represents the encoded values of 1
min ∥w∥2 where,yi (w · xi + b) ≥ 1 ∀i, (7)
the attack_cat attribute. w,b 2

C. Machine Learning Methods Used Here, w is the weight, b is the bias, and yi are the labels.
5) Logistic Regression Model: Logistic regression predicts
1) Decision Tree Classifier: A decision tree classifier splits probabilities using the sigmoid function. [23], [24]
data into subsets based on feature values to form a tree Sigmoid Function:
structure. At each node, a decision is made to maximize
1
information gain or minimize Gini impurity. [16], [17] P (y = 1 | x) = σ(w · x + b) = , (8)
1+e −(w·x+b)
Information Gain (IG):
where w is the weight vector, and b is the bias.
X |Sv |
IG(S, F ) = H(S) − H(Sv ), (1) Log-Loss Function:
|S| n
v∈Values(F )
1X
L(w) = − [yi log P (yi ) + (1 − yi ) log(1 − P (yi ))] ,
where H(S) is the entropy of the dataset S, and Sv represents n i=1
subsets of S split by feature F . (9)
Gini Impurity: where n is the number of data points.
C
X 6) Multi-Layer Perceptron Classifier (MLP): An MLP is
Gini = 1 − p2j , (2) a neural network with one or more hidden layers. It uses
j=1 activation functions to model non-linearity. [25]
Feedforward:
where pj is class proportion of j instances in the dataset, and
C is the total number of classes. z(l+1) = W(l) a(l) + b(l) , a(l+1) = ϕ(z(l+1) ), (10)
2) K-Nearest-Neighbor Classifier: The k-nearest neighbor
where ϕ is the activation function, W(l) are weights, and b(l)
(KNN) algorithm assigns a class label based on the majority
are biases.
class of the k nearest data points. [18], [19]
Loss Function:
Distance Metric (Euclidean):
n C
v 1 XX
u d L=− yik log ŷik , (11)
uX n i=1
d(u, v) = t (ui − vi )2 , (3) k=1
i=1 where ŷik is the predicted probability for class k.
where u and v are data points in d-dimensional space. 7) Random Forest Classifier: A random forest is an ensem-
The class label is determined by: ble of decision trees trained on different subsets of the data
X and features. [14]
ĉ = arg max I(ci = k), (4) Prediction:
k∈C
i∈Nk
ĉ = mode({T1 (x), T2 (x), . . . , TK (x)}), (12)
where I is the indicator function, Nk represents the k-nearest
neighbors, and C is the set of classes. where Tk (x) is the prediction from the k-th tree.
3) Linear Regression Model: Linear regression is an ML IV. E XPERIMENTATION & R ESULTS
model that returns the relationship model between a dependent
variable y and independent variables X. [20], [21] A. Parameters of Accuracy
Model Equation: The performance of each model was evaluated using the
d
following metrics:
• Mean Absolute Error (MAE): The average magnitude
X
y = w0 + wj xj + ϵ, (5)
j=1 of errors in predictions, calculated as:
n
where w0 is the intercept, wj are the coefficients, and ϵ is the 1X
MAE = |yi − ŷi | (13)
error term. n i=1
 where yi are the true values, ŷi are the predicted values,
and n is the total number of instances.
• Mean Squared Error (MSE): The average squared
difference between predicted and actual values, defined
as: n
1X
MSE = (yi − ŷi )2 (14)
n i=1

• Root Mean Squared Error (RMSE): The square root

of MSE, given by:
√
RMSE = MSE (15) Fig. 2. MLP: Predicted vs Real Values

• R² Score: The proportion of the variance in the dependent

variable explained by the model, calculated as: D. Analysis of Results
Pn
(yi − ŷi )2 The performance of each model indicates the following:
2
R = 1 − Pi=1 n (16)
i=1 (yi − ȳ)
2 • Linear Regression: This model showed poor perfor-
mance with low accuracy and high error values. The low
where ȳ is the mean of the true values.
R² score indicates that it does not explain the variability
• Accuracy: The percentage of correctly classified in-
in the data effectively.
stances, computed as:
• Logistic Regression and Linear SVM: Both models per-
Number of Correct Predictions formed well, with accuracies close to 90%. Their ability
Accuracy = ×100 (17)
Total Number of Predictions to model multi-class classification effectively stems from
B. Experimental Results their robustness in handling linear decision boundaries.
• KNN and Random Forest: These models also performed
Table II summarizes the performance of various models
well, with accuracies above 88%. However, their slightly
used for multi-class classification.
higher error metrics suggest challenges in handling com-
plex decision boundaries.
TABLE II
P ERFORMANCE M ETRICS OF M ODELS • Decision Tree: The model showed the lowest accuracy
among tree-based methods, likely due to overfitting and
Model MAE MSE RMSE R² Score Accuracy (%) a lack of regularization.
Linear Regression 3.772 15.611 3.951 0.007 13.14
• MLP: The best-performing model with the highest ac-
Logistic Regression 0.236 0.700 0.837 53.88 89.81
curacy (89.94%) and lowest error metrics. Its ability to
Linear SVM 0.235 0.699 0.836 53.99 89.89
learn complex, non-linear patterns makes it ideal for this
KNN 0.265 0.808 0.899 46.73 88.55
Random Forest 0.256 0.782 0.885 47.83 89.06
task.
Decision Tree 0.352 1.126 1.061 24.15 85.45 As shown in the results, MLP is the most effective model for
MLP 0.233 0.690 0.831 54.59 89.94 this dataset, while Logistic Regression and Linear SVM are
suitable alternatives due to their simplicity and competitive
performance.
C. Prediction vs Real Values
Figures 1 and 2 illustrate the comparison of predicted V. D EPLOYMENT AND M ONITORING
vs actual values for Linear Regression and MLP models, A. Mobile Application for Real-Time Monitoring
respectively.
To enable real-time prediction and monitoring, a React
Native application was developed. This mobile application
connects to a Flask server, which hosts the trained machine
learning model. The app allows users to input relevant feature
values and receive predictions instantly from the server. This
setup ensures seamless integration between user interaction
and model inference.
1) Architecture Overview: The deployment architecture
consists of the following components:
• React Native App: A cross-platform mobile application
that provides an intuitive interface for data entry and
Fig. 1. Linear Regression: Predicted vs Real Values displays predictions. The app is designed to ensure ease
of use and responsiveness.
 • Flask Server: A lightweight Python-based web server preset/model. Preset Selection: preset is selected Populate
that hosts the trained machine learning model. The server formData with preset values “Custom” is selected Allow
processes requests from the app, performs inference using manual user input for all fields Input Validation: each
the model, and returns predictions. mandatory field field is empty Alert user: ”Mandatory
• Model Inference: The server loads the pre-trained ma- field is missing” Randomization (if needed): each empty
chine learning model and uses the input features from optional field Assign randomized value Data Submission:
the app to predict the output. The prediction is then sent Format formData into a single string for transmission
back to the app. Retrieve host and port from storage Send data to the
2) Workflow: The system operates as follows: server using POST request Response Handling: request
1) The user inputs the required feature values into the app. succeeds Parse server response Extract probabilities and
2) The app sends the input data to the Flask server via an predicted label Display results in modal Show error alert
HTTP POST request. User Interaction: Allow toggling between raw output and
3) The server processes the request, loads the trained formatted results Provide options to close the modal or
model, and performs inference on the input data. resend request
4) The prediction result is sent back to the app in the form 2) Server algorithm: The Prediction using Machine Learn-
of an HTTP response. ing Model algorithm focuses on making predictions based on
5) The app displays the prediction result to the user. data input and a selected machine learning model. It begins
3) Technical Implementation: The Flask server is by parsing the incoming JSON data to extract the model name
implemented in Python and utilizes libraries such as and input data. If either the model name or data is missing or
scikit-learn to load the model. The key steps in the invalid, an error message is returned. The algorithm proceeds
server-side implementation include: by preprocessing the data, which includes converting categor-
ical features to one-hot encoding, normalizing numerical data,
• Loading the trained model at startup to minimize infer-
and applying necessary transformations. After preparing the
ence latency.
data, the algorithm loads the appropriate pre-trained model
• Defining RESTful endpoints to handle requests from the
and makes predictions using the predict method, depending
mobile app.
on the model’s capabilities. The final output includes the
• Performing input validation to ensure the integrity of the
prediction results along with their associated probabilities.
data received.
If any errors occur during the process, an error message is
4) Demo of the Application: Figures 3 and 5 showcase returned, ensuring that the model’s predictions are accurately
the mobile app interface. Figure 3 illustrates the input screen, processed and reported.
while Figure 5 displays the prediction result. Prediction using ML Model
B. Mobile and Server algorithm (SERVER)
Input: JSON data containing model_name and data
1) Mobile algorithm: The IoT Intrusion Detection Work- Output: Prediction result with probabilities Parse the
flow outlines the process of detecting and handling intrusions input JSON to extract model_name and data
in an IoT system. It begins by initializing necessary config- model_name is missing or invalid Error: ”Missing or In-
urations, such as loading field labels and mandatory fields. valid model” data is missing Error: ”Missing input data”
The user can either choose a preset configuration or input Preprocess the input data: Convert categorical columns to
custom data manually, with input validation ensuring that all one-hot encoding Normalize numerical features using pre-
mandatory fields are filled. In the case of missing optional trained scalers Apply necessary transformations based on
data, randomization is applied to those fields. Once the data the feature set Load pre-trained models from the stored
is ready, it is submitted to a server using a POST request, model directory Select the model based on model_name
and the response is processed to extract the predicted results, from the loaded models Make predictions using the
including probabilities and labels. The results are displayed in selected model: Model has predict_proba method
a modal for user review, and the user is given options to toggle Compute probabilities using predict_proba Compute
between raw and formatted outputs or to resend the request predictions using predict Return the prediction and
if necessary. This workflow provides a systematic approach to probabilities in JSON format If any error occurs, return
intrusion detection and user interaction with the system. an error message with details.
IoT Intrusion Detection (APP)
3) Benefits of Deployment: The integration of a React
Input: Preset configuration values, Custom input val- Native app with a Flask server provides several advantages:
ues, Selected ML Model Output: Detection results • Real-Time Prediction: Enables users to quickly access
with probabilities and classification label Initialization: predictions without the need for manual computation.
Load field labels, mandatory fields, and preset configu- • Cross-Platform Support: The React Native app runs
rations. State Setup: Initialize states for isLoading, seamlessly on both iOS and Android devices.
responseModalVisible, formData, and selected • Scalability: The Flask server can be extended to handle
 Fig. 3. Mobile App: Input Screen Fig. 4. Mobile App: Model Selection Screen Fig. 5. Mobile App: Model Prediction Screen

more complex models or additional functionalities. this application can enable users to take a proactive approach
• User Accessibility: The mobile app makes the solution toward security threats and provide safer environments for
more accessible to non-technical users. critical infrastructure sectors. However, certain algorithms
are very computationally expensive, and the training usually
VI. C ONCLUSION requires a great deal of labeled data. Future research should try
The work presented here has critically studied the efficiency to overcome these limitations by finding lightweight models
of different machine learning models for NIDSs within IoT- suitable for real-time applications and by developing strategies
enabled smart city networks using the UNSW-NB15 dataset in for efficient data labeling. This research, therefore, adds to
simulating realistic network traffic patterns. The results point the increasing knowledge base on IoT security with some
out that machine learning algorithms like Decision Tree, K- insight into effective methodologies for intrusion detection.
Nearest Neighbor, Logistic Regression, and Random Forest The findings of this study indicate that, with the increasing
classifiers have very bright prospects regarding detection and adoption of IoT devices across different industries, there is a
classification of network activity into normal and malicious need to ensure that proper security is in place to protect against
activity classes. The comparison showed that all the models cyber threats that are continuously evolving. Further research
have their strengths, but Random Forest turned out to be in this area will be required to further our understanding and
an extremely robust classifier with very high accuracy rates improve the resilience of smart city networks against potential
and low false positive rates. This result points to the im- intrusions.
portance of choosing the right algorithms, considering spe-
cific characteristics of IoT traffic, which is often complex Future work in this area may be directed at the devel-
and heterogeneous. Besides, a new application for real-time opment of lightweight, efficient machine learning models
network monitoring represents a practical development of IoT intended for resource-constrained IoT devices. Since many
security. Integration of machine learning-based models into IoT environments are computationally limited, algorithms that
achieve high accuracy with low latency and very low resource [10] A. R. Gaidhani and A. D. Potgantwar, “A review of machine learning-
consumption must be considered. Hybrid models could be based routing protocols for wireless sensor network lifetime,” Engineer-
ing Proceedings, vol. 59, no. 1, p. 231, 2024.
considered by researchers that use a mix of traditional machine [11] M. E. Karsligl, A. G. Yavuz, M. A. Güvensan, K. Hanifi, and H. Bank,
learning with deep learning techniques; hence, it would allow “Network intrusion detection using machine learning anomaly detec-
detecting complex patterns in IoT network traffic without ex- tion algorithms,” in 2017 25th Signal Processing and Communications
Applications Conference (SIU), pp. 1–4, 2017.
cessive computational overhead. The employment of federated [12] S. M. Hosseini Bamakan, H. Wang, T. Yingjie, and Y. Shi, “An effective
learning approaches could allow the collaborative training intrusion detection framework based on mclp/svm optimized by time-
of models in a distributed manner by IoT devices without varying chaos particle swarm optimization,” Neurocomputing, vol. 199,
pp. 90–102, 2016.
compromising data privacy, further enhancing the applicability [13] H. Wang, J. Gu, and S. Wang, “An effective intrusion detection
of NIDSs in real-world IoT networks. framework based on svm with feature augmentation,” Knowledge-Based
Other potential future research directions include unsupu- Systems, vol. 136, pp. 130–139, 2017.
[14] N. Farnaaz and M. Jabbar, “Random forest modeling for network intru-
pervised or semi-supervised learning techniques to overcome sion detection system,” Procedia Computer Science, vol. 89, pp. 213–
the challenge of scarcity in labeled data. This allows intrusion 217, 2016. Twelfth International Conference on Communication Net-
detection systems to find anomalies and evolve with emerging works, ICCN 2016, August 19– 21, 2016, Bangalore, India Twelfth
International Conference on Data Mining and Warehousing, ICDMW
threats without complete dependence on predefined datasets. 2016, August 19-21, 2016, Bangalore, India Twelfth International Con-
Integrating contextual intelligence into NIDS can also be used ference on Image and Signal Processing, ICISP 2016, August 19-21,
to enhance their detection accuracy by considering specific 2016, Bangalore, India.
[15] N. Moustafa and J. Slay, “Unsw-nb15: a comprehensive data set for
device characteristics and behaviors within the IoT-enabled network intrusion detection systems (unsw-nb15 network data set),” in
smart city networks. This may involve domain-specific on- 2015 Military Communications and Information Systems Conference
tologies or knowledge graphs to enable a better understanding (MilCIS), pp. 1–6, 2015.
[16] Y.-Y. Song and L. Ying, “Decision tree methods: applications for
of the device behavior pattern and interaction. It is such classification and prediction,” Shanghai archives of psychiatry, vol. 27,
developments that are bound to help keep pace with the ever- no. 2, p. 130, 2015.
increasing complexity of IoT environments and the dynamic [17] M. A. Ferrag, L. Maglaras, A. Ahmim, M. Derdour, and H. Janicke,
“Rdtids: Rules and decision tree-based intrusion detection system for
nature of cyber threats. internet-of-things networks,” Future internet, vol. 12, no. 3, p. 44, 2020.
[18] R. Wazirali, “An improved intrusion detection system based on knn hy-
perparameter tuning and cross-validation,” Arabian Journal for Science
R EFERENCES and Engineering, vol. 45, no. 12, pp. 10859–10873, 2020.
[19] M. Mohy-Eddine, A. Guezzaz, S. Benkirane, and M. Azrour, “An
[1] F. Geyer and G. Carle, “Learning and generating distributed routing efficient network intrusion detection model for iot security using k-
protocols using graph-based deep learning,” in Proceedings of the 2018 nn classifier and feature selection,” Multimedia Tools and Applications,
Workshop on Big Data Analytics and Machine Learning for Data vol. 82, no. 15, pp. 23615–23633, 2023.
Communication Networks, pp. 40–45, 2018. [20] X. Su, X. Yan, and C.-L. Tsai, “Linear regression,” Wiley Interdisci-
[2] A. J. Moshayedi, A. S. Roy, H. Ghorbani, H. Lotfi, X. Zhang, L. Liao, plinary Reviews: Computational Statistics, vol. 4, no. 3, pp. 275–294,
and M. Gheisari, “A novel iot-enabled portable, secure automatic self- 2012.
lecture attendance system: design, development and comparison,” Inter- [21] M. A. Hamzah and S. H. Othman, “A review of support vector machine-
national Journal of Electronic Security and Digital Forensics, vol. 16, based intrusion detection system for wireless sensor network with dif-
no. 6, pp. 663–689, 2024. ferent kernel functions,” International Journal of Innovative Computing,
[3] A. Shuvam Roy, H. Lan, M. Gheisari, a. AfzaalAbbasi, A. J. M. vol. 11, no. 1, pp. 59–67, 2021.
Moshayedi, L. liao, and S. M. Hosseini Bamakan, “Automation at- [22] T. Joachims, “Training linear svms in linear time,” in Proceedings of the
tendance systems approaches: A practical review,” BOHR International 12th ACM SIGKDD international conference on Knowledge discovery
Journal of Internet of things, Artificial Intelligence and Machine Learn- and data mining, pp. 217–226, 2006.
ing, vol. 1, p. 25–34, Dec. 2022. [23] D. G. Kleinbaum, K. Dietz, M. Gail, M. Klein, and M. Klein, Logistic
[4] A. J. Moshayedi, A. S. Roy, L. Liao, A. S. Khan, A. Kolahdooz, regression. Springer, 2002.
and A. Eftekhari, “Design and development of foodiebot robot: From [24] S. Chalichalamala, N. Govindan, and R. Kasarapu, “Logistic regression
simulation to design,” IEEE Access, vol. 12, pp. 36148–36172, 2024. ensemble classifier for intrusion detection system in internet of things,”
[5] A. S. Roy and A. Das, “Advanced path tracking and traffic management Sensors, vol. 23, no. 23, p. 9583, 2023.
using ir sensors and timed automata,” Journal of Robotics Research [25] P. Shettar, A. V. Kachavimath, M. M. Mulla, G. Hanchinmani, et al.,
(JRR), vol. 1, no. 1, 2024. “Intrusion detection system using mlp and chaotic neural networks,”
[6] A. J. Moshayedi, A. Kolahdooz, A. S. Roy, S. A. L. Rostami, and X. Xie, in 2021 International Conference on Computer Communication and
“Design and promotion of cost-effective iot-based heart rate monitoring,” Informatics (ICCCI), pp. 1–4, IEEE, 2021.
in International Conference on Cloud Computing, Internet of Things,
and Computer Applications (CICA 2022), vol. 12303, pp. 405–410,
SPIE, 2022.
[7] A. Roy and P. Bagade, “Attentive-yolo: On-site water pipeline inspection
using efficient channel attention and reduced elan-based yolov7,” in
Proceedings of the 19th International Joint Conference on Computer
Vision, Imaging and Computer Graphics Theory and Applications -
Volume 4: VISAPP, pp. 492–499, INSTICC, SciTePress, 2024.
[8] D. G. Roy, B. Mahato, D. De, and R. Buyya, “Application-aware end-to-
end delay and message loss estimation in internet of things (iot)—mqtt-
sn protocols,” Future Generation Computer Systems, vol. 89, pp. 300–
316, 2018.
[9] R. Kumar, M. Swarnkar, G. Singal, and N. Kumar, “Iot network
traffic classification using machine learning algorithms: An experimental
analysis,” IEEE Internet of Things Journal, vol. 9, no. 2, pp. 989–1008,
2021.