TY - JOUR
T1 - Real-Time Hybrid Machine Learning-Based Next-Generation Intrusion Detection System for Edge Computing Networks
AU - Kumar, Amit
AU - Kumar, Vivek
AU - Bhadauria, Abhay
PY - 2025
DA - July
Y2 - 2025
DO - 10.31127/tuje.1630410
JF - Turkish Journal of Engineering
JO - TUJE
PB - Murat YAKAR
WT - DergiPark
SN - 2587-1366
SP - 600
EP - 611
VL - 9
IS - 3
LA - en
AB - With the rapid advancement of network technology, attacks such as denial-of-service (DoS), distributed denial-of-service (DDoS), and unknown or emerging threats are becoming more complex and harder to detect using conventional methods. Traditional intrusion detection systems (IDS) often struggle to detect attacks in high-speed real-time networks due to their reliance on rule-based or signature-based detection methods and limited processing speed. Additionally, organizations and industries are facing significant challenges due to the expansion of electronic devices like the Internet of Things (IoT) and running computer applications. There is an urgent need to secure these sensitive IoT high-speed network traffic systems. To address these limitations, this study develops a reliable and effective Hybrid Machine Learning-based Real-time Intrusion Detection System (HMLRT-IDS) to detect DoS, DDoS, and emerging attacks in real-time network traffic. The study proposes a Python programming-based algorithm for feature extraction that sniffs data from real-time network traffic and extracts relevant data related to the features, enabling the successful identification of cyber threats in real-time network traffic. Moreover, the Real-time Network Intrusion Detection-23 (RTNID23) dataset is constructed to evaluate the proposed HMLRT-IDS. Experimental results demonstrate that HMLRT-IDS achieves a remarkable accuracy of 99.88% with a response time as low as 0.001 seconds, making it highly efficient for real-time applications.
Additionally, the proposed system outperforms several existing methods in terms of accuracy, speed, and adaptability, offering a significant advancement in intrusion detection for high-speed IoT or edge computing networks. This model simplifies the analysis of attacks and aids in determining the appropriate response when an attack occurs.
KW - Feature Extraction
KW - Malware detection
KW - Intrusion Detection System
KW - Pipelines
KW - Edge Computing
UR - https://doi.org/10.31127/tuje.1630410
L1 - https://dergipark.org.tr/en/download/article-file/4567394
ER -