COMPARATIVE STUDY OF MACHINE LEARNING ALGORITHMS FOR IOT CYBERSECURITY
Abstract
The exponential growth of the Internet of Things (IoT) has expanded global digital connectivity but simultaneously increased exposure to sophisticated cyber threats such as DDoS floods, malware propagation, and web-based exploits. To strengthen IoT cybersecurity, this study conducts a comparative analysis of representative machine learning algorithms for detecting and classifying multiple attack categories under realistic, leak-free evaluation conditions. Several widely adopted supervised models—including Logistic Regression, Decision Tree, Random Forest, Support Vector Machine, k-Nearest Neighbors, and a shallow Neural Network—were trained on the CIC IoT dataset following rigorous preprocessing and anti-leak filtering. Experimental results show that all models exhibit high reliability, achieving accuracies above 91.2 % and F1-scores exceeding 93 %. The Random Forest attains the best precision (approximately 98 %) and stability, while Logistic Regression and SVM maintain competitive accuracy with lower computational overhead, making them suitable for real-time IoT edge deployment. Overall, ensemble-based models deliver superior detection capability, whereas linear learners provide efficient and scalable alternatives for modern IoT security frameworks.
References
D. Hanes, G. Salgueiro, P. Grossetete, R. Barton, and J. Henry, “IoT Fundamentals: Networking
Technologies, Protocols, and Use Cases for the Internet of Things”, 1st ed. Cisco Press, 2017.
C. Li, J. Wang, S. Wang, and Y. Zhang, “A review of IoT applications in healthcare,” Neurocomputing,
vol. 565, 2024.
S. F. Ahmed, S. S. Shawon, A. Bhuyian, S. Afrin, A. Mehjabin, S. A. Kuldeep, M. S. B. Alam, and A.
H. Gandomi, “Forensics and security issues in the internet of things,” Wireless Networks, vol. 31, pp.
–3466, 2025.
G. Acar, D. Y. Huang, F. Li, A. Narayanan, and N. Feamster, “Web-based attacks to discover and
control local IoT devices,” in Proceedings of the 2018 Workshop on IoT Security and Privacy (IoT
S&P ’18). ACM, Aug. 2018, pp. 29–35.
S. Abbas, I. Bouazzi, S. Ojo, A. Hejaili, G. Sampedro, A. Almadhor, and M. Gregus, “Evaluating deep
learning variants for cyber-attacks detection and multi-class classification in IoT networks,” PeerJ
Computer Science, vol. 10, Jan. 2024.
D. W. Hosmer and S. Lemeshow, “Applied Logistic Regression”, 2nd ed. Wiley, 2004.
M. A. Ferrag, L. Maglaras, S. Moschoyiannis, andH. Janicke, “Deep learning for cyber security
intrusion detection: Approaches, datasets, and comparative study,” Journal of Information Security
and Applications, vol. 50, 2020.
M. M. Rahman, S. A. Shakil, and M. R. Mustakim, “A survey on intrusion detection system in IoT
networks,” Cyber Security and Applications, vol. 3, 2025.
D. T. Nguyen and K. H, Le, “The robust scheme for intrusion detection system in Internet of Things,”
Internet of Things, vol. 24, 100999, 2023. DOI: 10.1016/j.iot.2023.100999.
S. Z. Majidian, S. TaghipourEivazi, B. Arasteh, and A. Ghaffari, “Optimizing random forests to detect
intrusion in the Internet of Things,” Computers and Electrical Engineering, vol. 120, Part C, 109860,
DOI: 10.1016/j.compeleceng.2024.109860.
J. Azimjonov, and T. Kim, “Designing accurate lightweight intrusion detection systems for IoT
networks using fine-tuned linear SVM and feature selectors,” Computers & Security, vol. 137,
, 2024. DOI: 10.1016/j.cose.2023.103598.
P. R. Agbedanu, S. J. Yang, R. Musabe, Ignace Gatare, and James Rwigema “A Scalable Approach
to Internet of Things and Industrial Internet of Things Security: Evaluating Adaptive Self-Adjusting
Memory K-Nearest Neighbor for Zero-Day Attack Detection,” Sensors, 2025, 25(1), 216. DOI:
3390/s25010216
Y. LeCun, Y. Bengio, and G. Hinton, “Deep learning,” Nature, vol. 521, no. 7553, pp. 436–444, 2015.
D. M. W. Powers, “Evaluation: From precision, recall and f-measure to roc, informedness, markedness
and correlation,” Journal of Machine Learning Technologies, vol. 2, no. 1, pp. 37–63, 2011.
M. Raeisi-Varzaneh, A. Habbal, and O. Dakkak, “Firewalls and Internet of Things Security: A Survey,”
Current Trends in Computing, vol. 1, no. 1, pp. 22–43, 2023.
M. B. Bankó, S. Dyszewski, M. Králová, M. B. Limpek, M. Papaioannou, G. Choudhary, and N.
Dragoni, “Advancements in machine learning-based intrusion detection in IoT: Research trends and
challenges,” Algorithms, vol. 18, no. 4, 2025.
P. Maran, T. T. V. Yap, J. J. Chin, H. Ng, V. T. Goh, and T. Y. Kuek, “Comparison of machine learning
models for IoT malware classification,” Dec. 2022, pp. 15–28.
M. Najafimehr, S. Zarifzadeh, and S. Mostafavi, “Detecting DDoS attacks using machine learning:
Survey,” Journal of Al-Qadisiyah for Computer Science and Mathematics, vol. 16, Jun. 2024.
S. Berríos, S. Garcia, P. Hermosilla, and H. Allende-Cid, “A machine-learning-based approach for the
detection and mitigation of DDoS attacks in IoT environments,” Applied Sciences, vol. 15, no. 11,
J. P. Ntayagabiri, Y. Bentaleb, J. Ndikumagenge, and H. E. Makhtoum, “A comparative analysis
of supervised machine learning algorithms for IoT attack detection and classification,” Journal of
Computing Theories and Applications, vol. 2, pp. 395–409, Feb. 2025.
A. Firouzi, S. Dadkhah, S. A. Maret, and A. A. Ghorbani, “DataSense: CIC IIoT Dataset 2025,”
https://www.unb.ca/cic/datasets/iiot-dataset-2025.html, 2025, canadian Institute for Cybersecurity,
University of New Brunswick.
