Strategic Data Augmentation for IoT Intrusion Detection Using Ensemble Machine Learning
DOI:
https://doi.org/10.54153/sjpas.2026.v8i2.1500Keywords:
Network Intrusion Detection System (NIDS), Strategic Data Augmentation, XGBoost, Random Forest, UNSW-NB15, Zero Trust Security, Class Imbalance, IoT SecurityAbstract
The Internet of Things (IoT) and modern web-based infrastructure are increasing at a very fast rate, resulting in a rise in complex and compact cyber-attack patterns that tend to evade traditional signature-based protection methods. A key trade-off in the detection capability and rate of false alarms arises from the prevailing methods' common difficulty in addressing the “Class Imbalance” problem that exists in realistic network traffics, although Machine Learning has shown promise as a potential paradigm for Network Intrusion Detection Systems (NIDS). The “Zero False Negative” challenge in high-security applications remains unaddressed in prevailing state-of-the-art methods that tend to plateau at very high levels of accuracy (around 99.6 percent). This paper proposes a novel High-Redundancy Network Intrusion Detection Framework that relies on a Strategic Data Augmentation approach that can address the “Zero False Negative” challenge.
The proposed framework tests three distinct classifiers, namely Random Forest, Extreme Gradient Boosting (XGBoost), and a constrained Decision Tree (for baseline complexity testing). Based on the experimental results, the Random Forest and XGBoost models were able to fill the performance gap created in the previous study by achieving 100.00% Accuracy, 1.00 Precision, and 0.00% False Alarm Rate (FAR) due to the proposed augmentation method. However, the baseline Decision Tree could only achieve 89.09% accuracy, proving that the dataset still retains a large amount of structural complexity that demands robust ensemble learning. Although both ensemble methods made perfect detections, XGBoost is more efficient in computation and converged 3.3 times faster (21.48 seconds) than Random Forest in an efficiency comparison study. Hence, in real-time Zero Trust Network Intrusion Detection in high velocity networks, the proposed study recommends the Augmented XGBoost model to be the most optimal choice.
References
1. Vitorino, J., Andrade, R., Praca, I., Sousa, O., & Maia, E. (2021). ‘A comparative analysis of
machine learning techniques for IoT intrusion detection’, Foundations and Practice of
Security, pp. 191–207. DOI: 10.1007/978-3-031-08147-7_13.
2. Samantaray, M., Barik, R. C., & Biswal, A. K. (2024). ‘A comparative assessment of machine
learning algorithms in the IoT-based network intrusion detection systems’, Decision
Analytics Journal, 11, 100478. DOI: 10.1016/j.dajour.2024.100478.
3. More, S., Idrissi, M., Mahmoud, H., & Asyhari, A. T. (2024). ‘Enhanced intrusion detection
systems performance with UNSW-NB15 data analysis’, Algorithms, 17(2), 64. DOI:
10.3390/a17020064.
4. Talukder, M. A., Islam, M. M., Uddin, M. A., Hasan, K. F., Sharmin, S., Alyami, S. A., & Moni, M.
A. (2024). ‘Machine learning-based network intrusion detection for big and imbalanced
data using oversampling, stacking feature embedding and feature extraction’, Journal of Big
Data, 11(1), 33. DOI: 10.1186/s40537-024-00886-w.
5. Yulianton, H., Sutanto, F. A., & Santi, R. C. N. (2025). ‘Optimized network intrusion detection
using XGBoost with hyperparameter tuning: An empirical study on UNSW-NB15 dataset’,
Journal of Software Engineering and Simulation, 11(8), 1–7. DOI: 10.35629/3795-
11080107
6. Binbusayyis, A., Alaskar, H., Vaiyapuri, T., & Dinesh, M. J. (2022). ‘An investigation and
comparison of machine learning approaches for intrusion detection in IoMT network’, The
Journal of Supercomputing, 78, 17403–17422. DOI: 10.1007/s11227-022-04568-3.
7. Laqtib, S., El Yassini, K., & Hasnaoui, M. L. (2020). ‘A technical review and comparative
analysis of machine learning techniques for intrusion detection systems in MANET’,
International Journal of Electrical and Computer Engineering, 10(3), 2701–2709. DOI:
10.11591/ijece.v10i3.pp2701-2709.
8. Udurume, M., Shakhov, V., & Koo, I. (2024). ‘Comparative analysis of deep convolutional
neural network-bidirectional long short-term memory and machine learning methods in
intrusion detection systems’, Applied Sciences, 14(16), 6967. DOI: 10.3390/app14166967.
9. Note, J., & Ali, M. (2022). ‘Comparative analysis of intrusion detection system using machine
learning and deep learning algorithms’, Annals of Emerging Technologies in Computing,
6(3), 19–36.
10. Mahadevappa, P., Muzammal, S. M., & Murugesan, R. K. (2021). ‘A comparative analysis of
machine learning algorithms for intrusion detection in edge-enabled IoT networks’, arXiv
preprint arXiv:2111.01383.
11. Inuwa, M. M., & Das, R. (2024). ‘A comparative analysis of various machine learning
methods for anomaly detection in cyber attacks on IoT networks’, Internet of Things, 26,
101162. DOI: 10.1016/j.iot.2024.101162
12. Benamor, Z., Seghir, Z. A., Djezzar, M., & Hemam, M. (2023). ‘A comparative study of
machine learning algorithms for intrusion detection in IoT networks’, Revue d Intelligence
Artificielle, 37(3), 567–576.
13. Saran, N., & Kesswani, N. (2023). ‘A comparative study of supervised machine learning
classifiers for intrusion detection in Internet of Things’, Procedia Computer Science, 218,
2049–2057.
14. Magan-Carrion, R., Urda, D., Diaz-Cano, I., & Dorronsoro, B. (2020). ‘Towards a reliable
comparison and evaluation of network intrusion detection systems based on machine
learning approaches’, Applied Sciences, 10(5), 1775. DOI: 10.3390/app10051775.357
15. Azam, Z., Islam, M. M., & Huda, M. N. (2023). ‘Comparative analysis of intrusion detection
systems and machine learning-based model analysis through decision tree’, IEEE Access,
11, 80348–80391.
16. Airlangga, G. (2024). ‘Comparative analysis of machine learning models for intrusion
detection in Internet of Things networks using the RT-IoT2022 dataset’, MALCOM:
Indonesian Journal of Machine Learning and Computer Science, 4(2), 656–662.
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Copyright Notice
Authors retain copyright and grant the SJPAS journal right of first publication, with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in Samarra Journal of Pure and Applied Science.
The Samarra Journal of Pure and Applied Science permits and encourages authors to archive Pre-print and Post-print items submitted to the journal on personal websites or institutional repositories per the author's choice while providing bibliographic details that credit their submission, and publication in this journal. This includes the archiving of a submitted version, an accepted version, or a published version without any Risks.
