Volume 12, Issue 6 (June 2025), Pages: 92-105
----------------------------------------------
Original Research Paper
Intelligent intrusion detection for IoT and cyber-physical systems using machine learning
Author(s):
Maha M. Althobaiti *
Affiliation(s):
Department of Computer Science, College of Computing and Information Technology, Taif University, Taif, Saudi Arabia
* Corresponding Author.
Corresponding author's ORCID profile: https://orcid.org/0000-0001-6322-3963
Digital Object Identifier (DOI)
https://doi.org/10.21833/ijaas.2025.06.009
Abstract
Machine learning (ML) plays a key role in intrusion detection systems (IDS) and Internet of Things (IoT) security by improving the ability of cyber-physical systems (CPSs) to resist attacks from malicious users. CPSs combine physical components with networking and communication technologies to ensure safe and efficient operations. However, attackers often try to disrupt or disable the computing resources of these systems. This paper presents a new ML-based IDS framework designed for CPSs. To develop this framework, an open-source dataset containing different types of cyberattacks and related detection features was used. The dataset was labeled and preprocessed to make it clean, balanced, and suitable for training ML models. Preprocessing steps included handling missing values, normalizing features, and balancing the class distribution. Two ML algorithms—Random Forest (RF) and Stochastic Gradient Descent (SGD)—were applied to build and train classification models for intrusion detection. The experimental results showed that the RF model achieved a high accuracy of 99.5%, outperforming the SGD model, which reached 93.6% accuracy. In addition to accuracy, model performance was also measured using precision, recall, and F1 score. The results demonstrate that the proposed IDS is effective in detecting cyberattacks and improving IoT security. It offers a scalable and reliable solution for protecting CPS environments. This research contributes to the development of more secure CPSs by enhancing the trustworthiness, robustness, and flexibility of IoT systems.
© 2025 The Authors. Published by IASE.
This is an open access article under the CC BY-NC-ND license ( http://creativecommons.org/licenses/by-nc-nd/4.0/).
Keywords
Intrusion detection, Cyber-physical systems, Machine learning, IoT security, Classification models
Article history
Received 10 January 2025, Received in revised form 15 May 2025, Accepted 25 May 2025
Acknowledgment
The authors would like to acknowledge the Deanship of Graduate Studies and Scientific Research, Taif University, for funding this work.
Compliance with ethical standards
Conflict of interest: The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.
Citation:
Althobaiti MM (2025). Intelligent intrusion detection for IoT and cyber-physical systems using machine learning. International Journal of Advanced and Applied Sciences, 12(6): 92-105
Figures
Fig. 1 Fig. 2 Fig. 3
Tables
Table 1 Table 2 Table 3