This paper presents an AI-based Intrusion Detection System (IDS) for detecting and classifying cyberattacks in network traffic using a balanced dataset with 63 features and 15 attack classes. After preprocessing the data, multiple machine learning and deep learning models were evaluated, with ensemble methods showing better performance for intrusion detection. The final model uses a soft-voting ensemble of XGBoost, Random Forest, and Extra Trees, achieving 93.2% accuracy with a macro precision and weighted F1-score of 0.93. To improve reliability, a confidence threshold mechanism marks uncertain predictions, reducing false alarms in practical deployment. The system is deployed through a Gradio-based interface for real-time analysis, attack prediction, and PDF report generation. This framework offers a practical and efficient AI-driven solution for real-time cybersecurity monitoring.
Introduction
The rapid expansion of digital networks has increased exposure to cyber threats such as DDoS attacks, malware, phishing, and unauthorized access, making network security a critical concern. Traditional tools like firewalls and antivirus systems are limited in detecting new or evolving attacks, leading to the adoption of Intrusion Detection Systems (IDS) enhanced with AI, machine learning, and deep learning techniques.
This study proposes an AI-based IDS capable of classifying 15 types of cyber threats using network traffic data. The system includes a preprocessing pipeline (handling missing data, feature selection, normalization, and encoding) and evaluates multiple models such as MLP, CNN, Autoencoder, XGBoost, Random Forest, and Extra Trees. A soft-voting ensemble model combining XGBoost, Random Forest, and Extra Trees is selected for its superior performance.
To improve reliability, a confidence threshold is introduced to reduce false alarms by labeling uncertain predictions. The system is also integrated into an interactive interface for real-time monitoring, analysis, and reporting.
The literature shows the evolution of IDS from signature-based to anomaly-based and AI-driven approaches, with ensemble methods providing the most balanced and accurate results. Overall, the proposed system offers a practical, accurate, and scalable solution for modern cybersecurity by combining intelligent detection, robustness, and real-time usability.
Conclusion
This research proposed an AI-powered Intrusion Detection System (IDS) for the classification of multiple cyber threats in network traffic using an ensemble learning framework. The system was developed using a structured preprocessing pipeline involving feature selection, missing value handling, label encoding, and normalization to prepare network traffic data for efficient classification. A comparative analysis of deep learning models and ensemble machine learning methods demonstrated that tree-based ensemble models provide superior performance for structured intrusion detection datasets [9], [10].
Based on the comparative evaluation, a soft-voting ensemble model integrating XGBoost, Random Forest, and Extra Trees was implemented as the final detection framework. The proposed model achieved an overall accuracy of 93.2%, along with strong macro precision and weighted F1-score, demonstrating its effectiveness in detecting multiple attack categories while maintaining balanced classification performance [14], [15].
To improve operational reliability, the system incorporated a confidence threshold mechanism that marks low-confidence predictions as uncertain. This enhancement reduces false alarms and improves trustworthiness, making the system more suitable for real-world cybersecurity applications [16].
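The soft-voting and confidence-threshold steps described above can be sketched as follows. This is an added example, not the authors' code: the three class names, the 0.60 threshold (the paper does not state its value) and the per-model probabilities are constructed, and in a real pipeline each vector would come from a trained model's predict_proba output.

```python
# Added example: soft voting plus a confidence threshold, standard library only.
# Class names, the 0.60 threshold and all probabilities below are assumptions.
CLASSES = ["Benign", "DDoS", "PortScan"]  # the paper has 15 classes; 3 shown
UNCERTAIN = "Uncertain"

def soft_vote(model_probs):
    """Average the class-probability vectors of several models (soft voting)."""
    if not model_probs:
        raise ValueError("need at least one model output")
    n = len(model_probs[0])
    for p in model_probs:
        if len(p) != n or min(p) < 0 or abs(sum(p) - 1.0) > 1e-6:
            raise ValueError("each model must return one valid distribution")
    return [sum(p[i] for p in model_probs) / len(model_probs) for i in range(n)]

def classify(model_probs, threshold=0.60, classes=CLASSES):
    """Return (label, confidence); label is UNCERTAIN below the threshold."""
    avg = soft_vote(model_probs)
    best = max(range(len(avg)), key=avg.__getitem__)
    label = classes[best] if avg[best] >= threshold else UNCERTAIN
    return label, round(avg[best], 4)

def triage(flows, threshold=0.60):
    """Split flows into confident alerts, confident benign, and analyst review."""
    out = {"alert": [], "benign": [], "review": []}
    for flow_id, probs in flows.items():
        label, conf = classify(probs, threshold)
        bucket = ("review" if label == UNCERTAIN
                  else "benign" if label == "Benign" else "alert")
        out[bucket].append((flow_id, label, conf))
    return out

# Constructed outputs, ordered [XGBoost, Random Forest, Extra Trees] per flow.
FLOWS = {
    "flow-1": [[0.05, 0.90, 0.05], [0.10, 0.85, 0.05], [0.05, 0.80, 0.15]],
    "flow-2": [[0.50, 0.10, 0.40], [0.30, 0.15, 0.55], [0.45, 0.15, 0.40]],
    "flow-3": [[0.92, 0.03, 0.05], [0.88, 0.07, 0.05], [0.90, 0.05, 0.05]],
}

if __name__ == "__main__":
    for bucket, items in triage(FLOWS).items():
        print(bucket, items)
```

In flow-2 the three models disagree, so the averaged top probability falls below the threshold and the flow is routed to review instead of raising an alert.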
The experimental results confirm that the proposed ensemble-based IDS provides accurate, reliable, and scalable intrusion detection, making it a practical solution for modern network security environments. By integrating strong predictive performance with real-time usability, this work contributes toward the development of more intelligent and dependable cybersecurity defense systems.
References
[1] J. R. Smith and A. L. Johnson, “The evolving landscape of cyber threats,” Journal of Cybersecurity Research, vol. 12, no. 3, pp. 123–145, 2020.
[2] L. Chen and M. Li, “Impact of cyberattacks on critical infrastructure,” in Proceedings of the International Conference on Information Security, 2019, pp. 45–58.
[3] R. Gupta and S. Kumar, “A review of intrusion detection systems,” IEEE Transactions on Network and Service Management, vol. 18, no. 1, pp. 1–15, 2021.
[4] S. Al-Ghuribi and R. Al-Rubaye, “Machine learning for anomaly detection in cybersecurity: A survey,” Future Generation Computer Systems, vol. 127, pp. 230–245, 2022.
[5] K. Scarfone and P. Mell, Guide to Intrusion Detection and Prevention Systems (IDPS), NIST Special Publication 800-94, 2007.
[6] S. Axelsson, “Intrusion detection systems: A survey and taxonomy,” Technical Report, Chalmers University of Technology, 2000.
[7] C. Modi, D. Patel, B. Borisaniya, A. Patel, and M. Rajarajan, “A survey of intrusion detection techniques in cloud,” Journal of Network and Computer Applications, vol. 36, no. 1, pp. 42–57, 2013.
[8] T. Revathi and A. Malathi, “A detailed analysis on NSL-KDD dataset using various machine learning techniques for intrusion detection,” International Journal of Engineering Research & Technology, vol. 2, no. 12, pp. 1848–1853, 2013.
[9] L. Breiman, “Random forests,” Machine Learning, vol. 45, no. 1, pp. 5–32, 2001.
[10] T. Chen and C. Guestrin, “XGBoost: A scalable tree boosting system,” in Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 2016, pp. 785–794.
[11] R. Vinayakumar, M. Alazab, K. P. Soman, P. Poornachandran, and S. Venkatraman, “Deep learning approach for intelligent intrusion detection system,” IEEE Access, vol. 7, pp. 41525–41550, 2019.
[12] A. Javaid, Q. Niyaz, W. Sun, and M. Alam, “A deep learning approach for network intrusion detection system,” in Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies, 2016, pp. 21–26.
[13] J. Kim, J. Kim, H. L. T. Thu, and H. Kim, “Long short term memory recurrent neural network classifier for intrusion detection,” in Proceedings of the International Conference on Platform Technology and Service, 2016, pp. 1–5.
[14] N. Shone, T. N. Ngoc, V. D. Phai, and Q. Shi, “A deep learning approach to network intrusion detection,” IEEE Transactions on Emerging Topics in Computational Intelligence, vol. 2, no. 1, pp. 41–50, 2018.
[15] O. Sagi and L. Rokach, “Ensemble learning: A survey,” Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, vol. 8, no. 4, p. e1249, 2018.
[16] R. Polikar, “Ensemble learning,” in Ensemble Machine Learning, Boston, MA, USA: Springer, 2012, pp. 1–34.