Real-Time Hybrid Machine Learning-Based Next-Generation Intrusion Detection System for Edge Computing Networks

Year 2025, Volume: 9 Issue: 3, 600 - 611, 01.07.2025

Amit Kumar , Vivek Kumar Abhay Bhadauria

https://doi.org/10.31127/tuje.1630410

Abstract

With the rapid advancement of network technology, attacks such as denial-of-service (DoS), distributed denial-of-service (DDoS), and unknown or emerging threats are becoming more complex and harder to detect using conventional methods. Traditional intrusion detection systems (IDS) often struggle to detect attacks in high-speed real-time networks due to their reliance on rule-based or signature-based detection methods and limited processing speed. Additionally, organizations and industries are facing significant challenges due to the expansion of electronic devices like the Internet of Things (IoT) and running computer applications. There is an urgent need to secure these sensitive IoT high-speed network traffic systems. To address these limitations, this study develops a reliable and effective Hybrid Machine Learning-based Real-time Intrusion Detection System (HMLRT-IDS) to detect DoS, DDoS, and emerging attacks in real-time network traffic. The study proposes a Python programming-based algorithm for feature extraction that sniffs data from real-time network traffic and extracts relevant data related to the features, enabling the successful identification of cyber threats in real-time network traffic. Moreover, the Real-time Network Intrusion Detection-23 (RTNID23) dataset is constructed to evaluate the proposed HMLRT-IDS. Experimental results demonstrate that HMLRT-IDS achieves a remarkable accuracy of 99.88% with a response time as low as 0.001 seconds, making it highly efficient for real-time applications. Additionally, the proposed system outperforms several existing methods in terms of accuracy, speed, and adaptability, offering a significant advancement in intrusion detection for high-speed IoT or edge computing networks. This model simplifies the analysis of attacks and aids in determining the appropriate response when an attack occurs.

Keywords

Feature Extraction , Malware detection , Intrusion Detection System , Pipelines , Edge Computing

References

• King, J., & Awad, A. I. (2016). A distributed security mechanism for resource-constrained IoT devices. Informatica, 40(1).
• Weber, M., & Boban, M. (2016). Security challenges of the Internet of Things. In 2016 39th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO),638–643. https://doi.org/10.1109/MIPRO.2016.7522219
• Gendreau, A. A., & Moorman, M. (2016). Survey of intrusion detection systems towards an end-to-end secure Internet of Things. In 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), 84–90. https://doi.org/10.1109/FiCloud.2016.20
• Kafle, V. P., Fukushima, Y., & Harai, H. (2016). Internet of Things standardization in ITU and prospective networking technologies. IEEE Communications Magazine, 54(9), 43–49. https://doi.org/10.1109/MCOM.2016.7565271
• Aghdam, M. H., & Kabiri, P. (2016). Feature selection for intrusion detection system using ant colony optimization. International Journal of Network Security, 18(3), 420–432.
• KDD 99 dataset. (n.d.). Retrieved June 14, 2024, from https://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
• Modi, U., & Jain, A. (2016). An improved method to detect intrusion. Informatics Engineering, an International Journal (IEIJ), 4(2). https://doi.org/10.5121/ieij.2016.4203
• Sangkatsanee, P., Wattanapongsakorn, N., & Charnsripinyo, C. (2011). Practical real-time intrusion detection using machine learning approaches. Computer Communications, 34(18), 2227-2235. https://doi.org/10.1016/j.comcom.2011.07.001
• Saini, N., Bhat Kasaragod, V., Prakasha, K., & Das, A. K. (2023). A hybrid ensemble machine learning model for detecting APT attacks based on network behavior anomaly detection. Concurrency and Computation: Practice and Experience, 35(28), e7865. https://doi.org/10.1002/cpe.7865
• Zhang, H., Dai, S., Li, Y., & Zhang, W. (2018). Real-time distributed-random-forest-based network intrusion detection system using Apache Spark. In 2018 IEEE 37th International Performance Computing and Communications Conference (IPCCC), 1–7. https://doi.org/10.1109/PCCC.2018.8711068
• Elngar, A., Mohamed, D. A. E. A., & Ghaleb, F. (2013). A real-time anomaly network intrusion detection system with high accuracy. Information Sciences Letters, 2(2), 49–56. https://dx.doi.org/10.12785/isl/020201
• Jongsuebsuk, P., Wattanapongsakorn, N., & Charnsripinyo, C. (2013). Real-time intrusion detection with fuzzy genetic algorithm. In 2013 10th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology, 1–6. https://doi.org/10.1109/ECTICon.2013.6559603
• Derhab, A., & Bouras, A. (2015). Multivariate correlation analysis and geometric linear similarity for real-time intrusion detection systems. Security and Communication Networks, 8(7), 1193–1212. https://doi.org/10.1002/sec.1074
• Rathore, M. M., Paul, A., Ahmad, A., Rho, S., Imran, M., & Guizani, M. (2016). Hadoop-based real-time intrusion detection for high-speed networks. In 2016 IEEE Global Communications Conference (GLOBECOM),1–6. https://doi.org/10.1109/GLOCOM.2016.7841864
• Lima Filho, F. S. D., Silveira, F. A., de Medeiros Brito Junior, A., Vargas-Solar, G., & Silveira, L. F. (2019). Smart detection: An online approach for DoS/DDoS attack detection using machine learning. Security and Communication Networks, 2019(1), 1574749. https://doi.org/10.1155/2019/1574749
• Kim, A., Park, M., & Lee, D. H. (2020). AI-IDS: Application of deep learning to real-time Web intrusion detection. IEEE Access, 8, 70245–70261. https://doi.org/10.1109/ACCESS.2020.2986882
• Zhang, H., Li, Y., Lv, Z., Sangaiah, A. K., & Huang, T. (2020). A real-time and ubiquitous network attack detection based on deep belief network and support vector machine. IEEE/CAA Journal of Automatica Sinica, 7(3), 790–799. https://doi.org/10.1109/JAS.2020.1003099
• Makuvaza, A., Jat, D. S., & Gamundani, A. M. (2021). Deep neural network (DNN) solution for real-time detection of distributed denial of service (DDoS) attacks in software-defined networks (SDNs). SN Computer Science, 2(2), 107. https://doi.org/10.1007/s42979-021-00467-1
• Shaikh, A., & Gupta, P. (2022). Real-time intrusion detection based on residual learning through ResNet algorithm. International Journal of System Assurance Engineering and Management, 1–15. https://doi.org/10.1007/s13198-021-01558-1
• Kali Linux. (n.d.). Retrieved November 18, 2024, from https://www.kali.org/
• Kali Linux with hping3. (n.d.). Retrieved November 18, 2024, from https://www.kali.org/tools/hping3/
• CICIDS2017 Dataset. (n.d.). Retrieved December 7, 2024, from https://www.unb.ca/cic/datasets/ids-2017.html
• Banerjee, U., Vashishtha, A., & Saxena, M. (2010). Evaluation of the capabilities of Wireshark as a tool for intrusion detection. International Journal of Computer Applications, 6(7), 1–5.
• Singh, A. P., Singh, M., Bhatia, K., & Pathak, H. (2024). Encrypted malware detection methodology without decryption using deep learning-based approaches. Turkish Journal of Engineering, 8(3), 498–509. https://doi.org/10.31127/tuje.1416933
• Sinap, V. (2024). Comparative analysis of machine learning techniques for credit card fraud detection: Dealing with imbalanced datasets. Turkish Journal of Engineering, 8(2), 196–208. https://doi.org/10.31127/tuje.1386127
• Alkashto, H., & Elewi, A. (2024). Integration of blockchain and machine learning for safe and efficient autonomous car systems: A survey. Turkish Journal of Engineering, 8(2), 282–299. https://doi.org/10.31127/tuje.1366248
• Mogaraju, J. K. (2024). Machine learning empowered prediction of geolocation using groundwater quality variables over YSR district of India. Turkish Journal of Engineering, 8(1), 31–45. https://doi.org/10.31127/tuje.1223779
• Eryılmaz, E. E., Akleylek, S., Ertek, Y., & Kılıç, E. (2024). A systematic survey of machine learning and deep learning models used in industrial Internet of Things security. MANAS Journal of Engineering, 12(1), 1–28. https://doi.org/10.51354/mjen.1197753
• Isa, M. S., Wu, J., & Yusuf, İ. (2024). Performance estimation of honeynet system for network security enhancement via copula linguistic. Sigma Journal of Engineering and Natural Sciences, 42(4), 1169–1182.
• Basholli, F., Mema, B., & Basholli, A. (2024). Training of information technology personnel through simulations for protection against cyber attacks. Engineering Applications, 3(1), 45–58. Retrieved from https://publish.mersin.edu.tr/index.php/enap/article/view/1191
• Zela, K., & Saliaj, L. (2023). Forecasting through neural networks: Bitcoin price prediction. Engineering Applications, 2(3), 218–224. Retrieved from https://publish.mersin.edu.tr/index.php/enap/article/view/874
• Wardhani, R. W., Putranto, D. S. C., Jo, U., & Kim, H. (2023). Toward enhanced attack detection and explanation in intrusion detection system-based IoT environment data. IEEE Access, 11, 131661–131676. https://doi.org/10.1109/ACCESS.2023.3336678
• Maseer, Z. K., Yusof, R., Bahaman, N., Mostafa, S. A., & Foozy, C. F. M. (2021). Benchmarking of machine learning for anomaly-based intrusion detection systems in the CICIDS2017 dataset. IEEE Access, 9, 22351–22370. https://doi.org/10.1109/ACCESS.2021.3056614
• Thirimanne, S. P., Jayawardana, L., Yasakethu, L., Liyanaarachchi, P., & Hewage, C. (2022). Deep neural network-based real-time intrusion detection system. SN Computer Science, 3(2), 145. https://doi.org/10.1007/s42979-022-01031-1
• Callegari, C., Giordano, S., & Pagano, M. (2024). A real-time deep learning-based approach for detecting network attacks. Big Data Research, 36, 100446. https://doi.org/10.1016/j.bdr.2024.100446
• Menon, A. N. (2023). Network Traffic Data - Malicious Activity Detection [Dataset]. Kaggle. https://www.kaggle.com/datasets/advaitnmenon/network-traffic-data-malicious-activity-detection
• Zhao, J., Jing, X., Yan, Z., & Pedrycz, W. (2021). Network traffic classification for data fusion: A survey. Information Fusion, 72, 22-47.
• Alalwany, E., & Mahgoub, I. (2024). An effective ensemble learning-based real-time intrusion detection scheme for an in-vehicle network. Electronics, 13(5), 919. https://doi.org/10.3390/electronics13050919
• Kumar, A., Kumar, V., & Bhadauria, A. P. S. (2025). Optimizing intrusion detection in edge computing network: A hybrid ML approach with recursive feature elimination. International Journal of Intelligent Engineering and Systems, 18(1). https://doi.org/10.22266/ijies2025.0229.04
• Juraev, D. A., Elsayed, E. E., Bulnes, J. J. D., Agarwal, P., & Saeed, R. K. (2023). History of ill-posed problems and their application to solve various mathematical problems. Engineering Applications, 2(3), 279–290. Retrieved September 14, 2024, from https://publish.mersin.edu.tr/index.php/enap/article/view/1178
• Demiröz, A., Barstugan, M., Saran, O., & Battal, H. (2023). Determination of compaction parameters by image analysis technique. Advanced Engineering Science, 3, 137–150. https://publish.mersin.edu.tr/index.php/ades/article/view/1192
• Kocalar, A. C. (2023). Sinkholes caused by agricultural excess water using and administrative traces of the process. Advanced Engineering Science, 3, 15–20. Retrieved from https://publish.mersin.edu.tr/index.php/ades/article/view/756
• Naumov, A., Khmarskiy, P., Byshnev, N., & Piatrouski, M. (2023). Methods and software for estimation of total electron content in the ionosphere using GNSS observations. Engineering Applications, 2(3), 243–253. Retrieved September 14, 2024, from https://publish.mersin.edu.tr/index.php/enap/article/view/1165
• Meghraoui, K., Sebari, I., Bensiali, S., & Ait El Kadi, K. (2022). An intelligent approach based on 3D CNN and multimodal remote sensing data for precise crop yield estimation: Case study of wheat in Morocco. Advanced Engineering Science, 2, 118–126. Retrieved September 14, 2024, from https://publish.mersin.edu.tr/index.php/ades/article/view/329
• Rahman, A., Zaman, S., Parvej, S., Shill, P. C., Salim, M. S., & Das, D. (2025). Fake news detection: Exploring the efficiency of soft and hard voting ensemble. Procedia Computer Science, 252, 748-757.
• Ashraf, J., Raza, G. M., Kim, B. S., Wahid, A., & Kim, H. Y. (2025). Making a real-time IoT network intrusion-detection system (INIDS) using a realistic BoT–IoT dataset with multiple machine-learning classifiers. Applied Sciences, 15(4), Article 2043. https://doi.org/10.3390/app15042043
• Al-Na’amneh, Q., Aljaidi, M., Nasayreh, A., Gharaibeh, H., Al Mamlook, R. E., Jaradat, A. S., & Samara, G. (2024). Enhancing IoT device security: CNN-SVM hybrid approach for real-time detection of DoS and DDoS attacks. Journal of Intelligent Systems, 33(1), 20230150.