Abstract:
Connecting devices across homes, healthcare, agriculture, transportation, and businesses through the Internet of Things (IoT) has become a critical part of modern life. Nevertheless, the universal interconnection of IoT devices introduces significant vulnerabilities, making them susceptible to cyber threats such as Denial-of-Service (DoS) attacks. These attacks deny legitimate users access to services and cause financial losses due to Service Level Agreement (SLA) violations. Traditional approaches have proven insufficient for handling large-scale, diversified, and complex IoT environments. This study developed an enhanced hybrid machine-learning model that integrates Isolation Forest (unsupervised anomaly detection) with Random Forest (supervised classification) to improve the detection of DoS attacks in an IoT network. Benchmark datasets, including NSL-KDD and CICIDS2017, were obtained from the Kaggle open-data repository, where the complete datasets were collected using Octoparse web-scraping software. Octoparse enabled the automated extraction of the entire dataset without modification, ensuring that all available records were included in model training and evaluation. Experimental results demonstrated that the hybrid model achieved superior performance, with Accuracy of 97.8%, Precision of 98.2%, Recall of 96.8%, F1-score of 97.5%, and ROC-AUC of 98.1%, consistently outperforming standalone models. The ROC curve analysis confirmed the hybrid model's discriminative strength, showing clear separation between normal and attack traffic. In addition, scalability tests revealed that the model scales effectively to large datasets, with projections up to 5 million records. These findings highlight both the consistency and superiority of the hybrid model compared to traditional ML-based IDS solutions.
Academically, the research fills a gap by emphasizing hybrid ML approaches specifically tailored for DoS detection in IoT environments; practically, it delivers a robust, scalable, and real-time security solution for industries and organizations seeking to secure large-scale IoT infrastructures.