Abstract:
The rapid expansion of Internet of Things (IoT) infrastructures has introduced new security vulnerabilities, particularly Denial of Service (DoS) attacks that compromise system availability and disrupt critical services. Traditional intrusion detection systems often fall short in recognizing novel or evolving threats due to their reliance on static signatures and limited adaptability. This study proposes an enhanced hybrid machine learning model that integrates a supervised Random Forest (RF) classifier with an unsupervised Isolation Forest (IF) anomaly detector to improve detection accuracy and generalizability in IoT environments. Using a synthetic dataset, the model was evaluated across multiple performance metrics. Results indicate that the hybrid model outperforms standalone approaches, achieving 97.8% accuracy, 97.7% F1-score, and an AUC-ROC of 0.992. The hybrid architecture effectively balances the strengths of pattern-based classification and anomaly detection, reducing false positives while maintaining high detection rates. Additionally, the model demonstrates computational efficiency suitable for edge-based IoT deployments. These findings highlight the potential of hybrid learning frameworks to enhance the resilience and scalability of intrusion detection systems in resource-constrained IoT networks.
