Hybrid Intrusion Detection System for IoT Networks Using Genetic Algorithms and Support Vector Machines

Since IoT networks expand at a fast rate, they encounter an ever-growing set of adaptive security threats that must be identified efficiently, particularly due to the critical resource constraints most IoT devices have. To address this problem, we propose a new hybrid Intrusion Detection System (IDS) to operate in an IoT setting, which is a Support Vector Machine (SVM) with Genetic Algorithm (GA) to select features and optimize hyperparameters. In contrast to the conventional approaches, which tend to separate the process of feature selection and hyperparameter optimization, our model involves feature selection and hyperparameter optimization, where the former is selected with the help of the GA within the initial set of 41 features, which is narrowed to only seven features. This leads to a 30% computational overhead reduction, but still with a high detection rate of 98.79%. The approach combines two major gaps in the existing IoT IDS solutions: improving the detection performance as well as the computational efficiency, which is essential to the resource-constrained characteristics of the IoT networks. The results obtained in the evaluation in the context of the NSL-KDD dataset demonstrate high accuracy (97.36%), recall (98.42%), and F1-score (96.67%), and the false positive rate is low (1.5%). Moreover, the system exhibits good results in identifying attack forms that are difficult to detect, such as User-to-Root (U2R) and Remote-to-Local (R2L) attacks. The scalability tests have shown that the system can contribute effectively to networks containing as many as 2000 devices with minimal changes in detection time and CPU utilization. This hybrid IDS offers a scalable, resource-efficient and practical solution to the security of the IoT infrastructures within real-world conditions.