Intrusion Detection Systems (IDS) are vital components in ensuring the security of intelligent and connected environments, particularly in domains where data sensitivity and system reliability are critical, such as the Internet of Medical Things (IoMT). In this study, we propose an anomaly-based IDS powered by ensemble machine learning techniques to detect and classify cyber threats effectively. The heterogeneity and high vulnerability of IoMT systems demand advanced detection mechanisms capable of identifying various attack patterns in real time. We evaluate five supervised machine learning models Random Forest, CatBoost, LightGBM, XGBoost, and a Stacking ensemble using the CICIoMT2024 dataset, which encompasses a wide range of attack types grouped into six categories: DDoS, DoS, MQTT-based attacks, reconnaissance, spoofing, and benign traffic. Our experimental results demonstrate that the proposed ensemble-based IDS achieves a maximum accuracy of 99.39%, with strong performance across other evaluation metrics. These findings highlight the robustness and scalability of our approach in enhancing anomaly detection and protecting sensitive data within IoMT infrastructures.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Ensemble Learning Strategies for Anomaly-Based Intrusion Detection in IoMT Systems

  • Mohammed Yacoubi,
  • Omar Moussaoui,
  • Cyril Drocourt

摘要

Intrusion Detection Systems (IDS) are vital components in ensuring the security of intelligent and connected environments, particularly in domains where data sensitivity and system reliability are critical, such as the Internet of Medical Things (IoMT). In this study, we propose an anomaly-based IDS powered by ensemble machine learning techniques to detect and classify cyber threats effectively. The heterogeneity and high vulnerability of IoMT systems demand advanced detection mechanisms capable of identifying various attack patterns in real time. We evaluate five supervised machine learning models Random Forest, CatBoost, LightGBM, XGBoost, and a Stacking ensemble using the CICIoMT2024 dataset, which encompasses a wide range of attack types grouped into six categories: DDoS, DoS, MQTT-based attacks, reconnaissance, spoofing, and benign traffic. Our experimental results demonstrate that the proposed ensemble-based IDS achieves a maximum accuracy of 99.39%, with strong performance across other evaluation metrics. These findings highlight the robustness and scalability of our approach in enhancing anomaly detection and protecting sensitive data within IoMT infrastructures.