Result: Security Audit of IoT Device Networks: A Reproducible Machine Learning Framework for Threat Detection and Performance Benchmarking.

Title:
Security Audit of IoT Device Networks: A Reproducible Machine Learning Framework for Threat Detection and Performance Benchmarking.
Authors:
Shaikhanova A; Department of Information Security, L.N. Gumilyov Eurasian National University, 2, Satpayeva St., Astana 010000, Kazakhstan.
Kuznetsov O; Department of Theoretical and Applied Sciences, eCampus University, Via Isimbardi 10, 22060 Novedrate, Italy.; Department of Intelligent Software Systems and Technologies, School of Computer Science and Artificial Intelligence, V.N. Karazin Kharkiv National University, 4 Svobody Sq., 61022 Kharkiv, Ukraine.
Tokkuliyeva A; Department of Information Security, L.N. Gumilyov Eurasian National University, 2, Satpayeva St., Astana 010000, Kazakhstan.
Ayapbergenov K; Limited Liability Company 'TSARKA R&D', 51/1 Kabanbai Batyr St., Astana 010000, Kazakhstan.
Olzhas S; Limited Liability Company 'TSARKA R&D', 51/1 Kabanbai Batyr St., Astana 010000, Kazakhstan.
Danir T; Limited Liability Company 'TSARKA R&D', 51/1 Kabanbai Batyr St., Astana 010000, Kazakhstan.
Source:
Sensors (Basel, Switzerland) [Sensors (Basel)] 2025 Dec 11; Vol. 25 (24). Date of Electronic Publication: 2025 Dec 11.
Publication Type:
Journal Article
Language:
English
Journal Info:
Publisher: MDPI Country of Publication: Switzerland NLM ID: 101204366 Publication Model: Electronic Cited Medium: Internet ISSN: 1424-8220 (Electronic) Linking ISSN: 14248220 NLM ISO Abbreviation: Sensors (Basel) Subsets: MEDLINE
Imprint Name(s):
Original Publication: Basel, Switzerland : MDPI, c2000-
References:
ISA Trans. 2024 Feb;145:493-504. (PMID: 38105170)
Grant Information:
BR249014/02240 Committee of Science of the Ministry of Science and Higher Education of the Republic of Kazakhstan
Contributed Indexing:
Keywords: Internet of Things security; cybersecurity; ensemble learning; intrusion detection systems; network traffic analysis; security audit
Entry Date(s):
Date Created: 20251231 Date Completed: 20251231 Latest Revision: 20260103
Update Code:
20260103
PubMed Central ID:
PMC12736874
DOI:
10.3390/s25247519
PMID:
41471514
Database:
MEDLINE

Further Information

Internet of Things deployments face escalating security threats, yet systematic methods for auditing the defensive posture of IoT device networks remain underdeveloped. Current intrusion detection evaluations focus on algorithmic accuracy while neglecting the operational requirements (computational efficiency, reproducibility, and interpretable risk assessment) that security audits demand. This paper introduces a reproducible security audit framework for IoT device networks, demonstrated through systematic evaluation of four machine learning models (Random Forest, LightGBM, XGBoost, Logistic Regression) on the TON_IoT dataset containing nine attack categories targeting smart environments. Our audit methodology enforces strict feature hygiene by excluding identity-revealing attributes, benchmarks both threat detection capability and computational cost, and provides complete reproducibility artifacts including preprocessing pipelines and trained models. The framework evaluates security posture through dual lenses: binary classification (distinguishing compromised from legitimate traffic) and multiclass classification (attributing threats to specific attack types). Binary audit results show ensemble models achieve 99.8-99.9% accuracy with perfect ROC-AUC (100%) and sub-15 ms inference latency per 1000 flows, confirming reliable attack detection. Multiclass auditing reveals more nuanced findings: while overall accuracy reaches 99.0% with macro-F1 near 97%, rare attack types expose critical blind spots: man-in-the-middle threats achieve only 78% F1 despite representing serious security risks. LightGBM provides optimal audit performance, balancing 99.93% detection accuracy with a 2.76 MB deployment footprint.
We translate audit findings into actionable security recommendations (network segmentation, rate-limiting, TLS metadata collection) and compare against twenty published studies, demonstrating that our framework achieves competitive detection rates while uniquely delivering the transparency, efficiency metrics, and reproducibility required for credible security assessment of production IoT networks.