Implementing an Intrusion Detection System in Internet of Things Resource-Constraint Environment Using Hybrid Extreme Gradient Boost and Gated Recurrent Unit
DOI:
https://doi.org/10.70882/noun-ijcea.2026.1141Keywords:
Adversarial Machine Learning, Deep Learning, Internet of Things, Intrusion Detection Systems, LightweightAbstract
Intrusion Detection Systems (IDS) for Internet of Things (IoT) environments increasingly rely on deep learning models to detect complex attack patterns. While recent architectures achieve high accuracy under benign conditions, their resilience against adversarial evasion attacks remains insufficiently explored. This study evaluated adversarial robustness as primary design objective rather than secondary performance attribute. A lightweight hybrid XGBoost–GRU model was proposed and compared against attention-based LSTM (AT-LSTM). Gradient-based evasion attacks that includes Fast Gradient Sign Method (FGSM) and Projected Gradient Descent (PGD) were employed under bounded perturbation budgets to simulate realistic adversarial behaviour. Experimental results on the UNSW-NB15 dataset showed that with the FGSM attack, XGBoost–GRU model retains approximately 90% accuracy at ε = 0.10 whereas the AT-LSTM degrades more sharply to approximately 86%. Under the PGD attacks which represent stronger and more adaptive adversarial strategy, the AT-LSTM experienced severe performance collapse with adversarial accuracy dropping to approximately 43% at ε = 0.10 while the developed XGBoost–GRU model maintains adversarial accuracy above 70% under the same conditions. Also, for the Attack Success Rate (ASR) analysis, more than half of malicious samples successfully evade detection in the AT-LSTM under PGD attacks (58%) whereas the XGBoost–GRU model limits successful evasions to less than 30%. The results from the developed XGBoost–GRU model consistently maintained higher adversarial accuracy, lower attack success rates, and superior robust accuracy retention under increased adversarial evasion. The findings demonstrate that architectural simplicity can enhance detection stability under adversarial pressure for intrusion detection in IoT systems.
References
Aleesa, A., Younis, M. O. H. A. M. M. E. D., Mohammed, A. A., & Sahar, N. (2021). Deep-intrusion detection system with enhanced UNSW-NB15 dataset based on deep learning techniques. Journal of Engineering Science and Technology, 16(1), 711-727.
Ali, M., Shahroz, M., Mushtaq, M. F., Alfarhood, S., Safran, M., & Ashraf, I. (2024). Hybrid machine learning model for efficient botnet attack detection in IoT environment. IEEe Access, 12, 40682-40699.
Alnuaimi, A. F., & Albaldawi, T. H. (2024). An overview of machine learning classification techniques. In BIO Web of Conferences (Vol. 97, p. 00133). EDP Sciences.
Alsharaiah, M. A., Abu-Shareha, A. A., Abualhaj, M., Baniata, L. H., Al-saaidah, A., Kharma, Q. M., & Al-Zyoud, M. M. (2024). An innovative network intrusion detection system (NIDS): Hierarchical deep learning model based on Unsw-Nb15 dataset. International Journal of Data & Network Science, 8(2).
Asharf, J., Moustafa, N., Khurshid, H., Debie, E., Haider, W., & Wahab, A. (2020). A review of intrusion detection systems using machine and deep learning in internet of things: Challenges, solutions and future directions. Electronics, 9(7), 1177.
Armijos, A., & Cuenca, E. (2023, November). Zero-day attacks: review of the methods used based on intrusion detection and prevention systems. In 2023 IEEE Colombian Caribbean Conference (C3) (pp. 1-6). IEEE.
Alharthi, M., Medjek, F., & Djenouri, D. (2025). Ensemble learning approaches for multi-class intrusion detection systems for the internet of vehicles (IoV): a comprehensive survey. Future Internet, 17(7), 317.
Alanazi, R., & Aljuhani, A. (2023). Anomaly Detection for Industrial Internet of Things Cyberattacks. Computer Systems Science & Engineering, 44(3).
Asharf, J., Moustafa, N., Khurshid, H., Debie, E., Haider, W., & Wahab, A. (2020). A review of intrusion detection systems using machine and deep learning in internet of things: Challenges, solutions and future directions. Electronics, 9(7), 1177.
Alwahedi, F., Aldhaheri, A., Ferrag, M. A., Battah, A., & Tihanyi, N. (2024). Machine learning techniques for IoT security: Current research and future vision with generative AI and large language models. Internet of Things and Cyber-Physical Systems, 4, 167-185.
Akif, M. A., Butun, I., Williams, A., & Mahgoub, I. (2025). Hybrid machine learning models for intrusion detection in iot: Leveraging a real-world iot dataset. arXiv preprint arXiv:2502.12382.
Alraba'nah, Y., Al-Sharaeh, S., & Al Hindi, G. (2025). Enhancing intrusion detection using hybrid long short-term memory and XGBoost. Journal of Soft Computing and Data Mining, 6(1), 247-261.
Ahmed, S., Raza, B., Hussain, L., Aldweesh, A., Omar, A., Khan, M. S., ... & Nadim, M. A. (2023). The deep learning resnet101 and ensemble xgboost algorithm with hyperparameters optimization accurately predict the lung cancer. Applied Artificial Intelligence, 37(1), 2166222.
Chen, T., He, T., Benesty, M., Khotilovich, V., Tang, Y., Cho, H., ... & Zhou, T. (2015). Xgboost: extreme gradient boosting. R package version 0.4-2, 1(4), 1-4.
Dash, S. K., Dash, S., Mahapatra, S., Mohanty, S. N., Khan, M. I., Medani, M., ... & Gupta, M. (2024). Enhancing DDoS attack detection in IoT using PCA. Egyptian Informatics Journal, 25, 100450.
Halbouni, A., Gunawan, T. S., Habaebi, M. H., Halbouni, M., Kartiwi, M., & Ahmad, R. (2022). Machine learning and deep learning approaches for cybersecurity: A review. IEEE Access, 10, 19572-19585.
Khaw, Y. M., Jahromi, A. A., Arani, M. F., Sanner, S., Kundur, D., & Kassouf, M. (2020). A deep learning-based cyberattack detection system for transmission protective relays. IEEE Transactions on Smart Grid, 12(3), 2554-2565.
Kasongo, S. M., & Sun, Y. (2020). Performance analysis of intrusion detection systems using a feature selection method on the UNSW-NB15 dataset. Journal of Big Data, 7(1), 105.
Kasongo, S. M. (2023). A deep learning technique for intrusion detection system using a Recurrent Neural Networks based framework. Computer Communications, 199, 113-125.
Le, T. T. H., Oktian, Y. E., & Kim, H. (2022). XGBoost for imbalanced multiclass classification-based industrial internet of things intrusion detection systems. Sustainability, 14(14), 8707.
Layeghy, S., Baktashmotlagh, M., & Portmann, M. (2023). DI-NIDS: Domain invariant network intrusion detection system. Knowledge-Based Systems, 273, 110626.
Liu, G., Zhang, W., Wang, X., King, S., & Yu, S. (2024). A membership inference and adversarial attack defense framework for network traffic classifiers. IEEE Transactions on Artificial Intelligence, 6(2), 317-332.
Mienye, I. D., and Swart, T. G. (2024). A comprehensive review of deep learning: Architectures, recent advances, and applications. Information, 15(12), 755.
Meena, G., and Indian, A. (2025, October). IDS-IoT: Intrusion Detection System for the Internet of Things Using Enhanced Long-Short Term Memory. In Artificial Intelligence and Applications.
Moustafa, N., and Slay, J. (2015, November). UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In 2015 military communications and information systems conference (MilCIS) (pp. 1-6). Ieee.
Meena, G., and Choudhary, R. R. (2017, July). A review paper on IDS classification using KDD 99 and NSL KDD dataset in WEKA. In 2017 International Conference on Computer, Communications and Electronics (Comptelix) (pp. 553-558). IEEE.
More, S., Idrissi, M., Mahmoud, H., and Asyhari, A. T. (2024). Enhanced intrusion detection systems performance with UNSW-NB15 data analysis. Algorithms, 17(2), 64.
Nosouhian, S., Nosouhian, F., and Khoshouei, A. K. (2021). A review of recurrent neural network architecture for sequence learning: Comparison between LSTM and GRU
Rahman, M. M., Al Shakil, S., and Mustakim, M. R. (2025). A survey on intrusion detection system in IoT networks. Cyber Security and Applications, 3, 100082.
Sarker, I. H. (2021). Deep learning: a comprehensive overview on techniques, taxonomy, applications and research directions. SN computer science, 2(6), 1-20.
Soon, H. F., Amir, A., Nishizaki, H., Zahri, N. A. H., Kamarudin, L. M., & Azemi, S. N. (2024). Evaluating Tree-based Ensemble Strategies for Imbalanced Network Attack Classification. International Journal of Advanced Computer Science & Applications, 15(1).
Sarhan, M., Layeghy, S., Moustafa, N., and Portmann, M. (2020, December). Netflow datasets for machine learning-based network intrusion detection systems. In International Conference on.
Zhang, Y., Gandhi, Y., Li, Z., & Xiao, Z. (2022, September). Improving the classification effectiveness of network intrusion detection using ensemble machine learning techniques and deep neural networks. In 2022 International Conference on Intelligent Data Science Technologies and Applications (IDSTA) (pp. 117-123). IEEE.
Vitorino, J., Silva, M., Maia, E., & Praça, I. (2025). Reliable feature selection for adversarially robust cyber-attack detection. Annals of Telecommunications, 80(3), 341-355. doi: https://doi.org/10.1007/s12243-024-01047-z.
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Abraham Eseoghene Evwiekpaefe, Isah Rambo Saidu, Ismail Yunus, Tienhua Chinyio (Author)
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
