Evaluating Machine Learning Models for Real-Time IoT Intrusion Detection: A Comparative Study with RTSS Analysis
Abstract
With the ever-increasing sophistication and volume of cyber-attacks, there is a critical need for effective Intrusion Detection Systems (IDS) to protect computer networks. Machine Learning (ML) offers powerful tools for IDS by automatically identifying patterns of malicious behavior. This research proposal aims to evaluate and compare the performance of several supervised ML algorithms for network threat detection using the CICIDS 2023 dataset. This paper focuses on widely used classifiers, namely logistic regression, Support Vector Machine (SVM), Random Forest, eXtreme Gradient Boosting (XGBoost), and k-Nearest Neighbors (KNN), applied to both binary (benign vs. attack) and multi-class (multiple attack types) classification tasks. This paper outlines a methodology for data preprocessing, model training, and performance evaluation using metrics like accuracy, precision, recall, and F1-score. By leveraging the comprehensive CICIDS 2023 intrusion dataset, which includes 33 modern attack scenarios across seven categories, this paper expects to gain insights into the relative strengths of each ML approach in detecting diverse cyber threats. The anticipated outcome is an identification of which algorithms (or combinations thereof) are most promising for intrusion detection in contemporary network environments, guiding future developments of intelligent IDS. This proposal details the problem motivation, related work, planned methodology, and expected results, establishing a foundation for a thorough experimental study.

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.