Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2025 Jul 2;15(1):22887.
doi: 10.1038/s41598-025-05545-5.

Integration of metaheuristic based feature selection with ensemble representation learning models for privacy aware cyberattack detection in IoT environments

M Karthikeyan  1 R Brindha  1 Maria Manuel Vianny  2 V Vaitheeshwaran  3 Mrinal Bachute  4 Sanket Mishra  5 Bibhuti Bhusan Dash  6
Affiliations

Integration of metaheuristic based feature selection with ensemble representation learning models for privacy aware cyberattack detection in IoT environments

M Karthikeyan et al. Sci Rep. .

Abstract

The Internet of Things (IoT) connects virtual and physical objects inserted with software, devices, and other technology that interchange data utilizing the Internet. It enables diverse devices and individuals to exchange data, interconnect, and personalize services to ease usage. Despite IoT's merits, rising cyberthreats and the rapid growth of smart devices increase the risk of data breaches and security attacks. The increasing complexity of cyberattacks demands advanced intrusion detection systems (IDS) to defend crucial assets and data. AI techniques such as machine learning (ML) and deep learning (DL) have shown robust potential in improving IDS performance by accurately detecting and classifying malicious network behavior in IoT environments. This manuscript proposes an Adaptive Metaheuristic-Based Feature Selection with Ensemble Learning Model for Privacy-Preserving Cyberattack Detection (AMFS-ELPPCD) technique. The data normalization stage initially applies Z-score normalization to convert input data into a beneficial format. The AMFS-ELPPCD model utilizes the adaptive Harris hawk optimization (AHHO) model for the feature process selection of the subset. Furthermore, ensemble models such as bidirectional gated recurrent unit (BiGRU), Wasserstein autoencoder (WAE), and deep belief network (DBN) are used for the classification process. Finally, social group optimization (SGO) optimally adjusts the ensemble classifiers' hyperparameter values, resulting in better classification performance. A set of simulations is performed to exhibit the promising results of the AMFS-ELPPCD under dual datasets. The experimental validation of the AMFS-ELPPCD technique portrayed a superior accuracy value of 99.44% and 98.85% under the CICIDS-2017 and NSLKDD datasets over existing models.

Keywords: Cyberattack detection; Data normalization; Ensemble learning model; Feature selection; Social group optimization.

PubMed Disclaimer

Conflict of interest statement

Declarations. Competing interests: The authors declare no competing interests. Consent to participate: Not applicable. Ethics approval: This article contains no studies with human participants performed by any authors. Informed consent: Not applicable.

Figures

Fig. 1
Fig. 1
Cyberattack detection in IoT networks.
Fig. 2
Fig. 2
Overall process of AMFS-ELPPCD technique.
Fig. 3
Fig. 3
Overall flow of the AHHO technique.
Fig. 4
Fig. 4
BiGRU architecture.
Fig. 5
Fig. 5
SGO flowchart.
Algorithm 1
Algorithm 1
SGO model
Fig. 6
Fig. 6
CICIDS-2017 dataset (a-c) 80% and 70%TSPH and (b-d) 20% and 30%TSPH.
Fig. 7
Fig. 7
Average of AMFS-ELPPCD model on the CICIDS-2017 dataset.
Fig. 8
Fig. 8
formula image analysis of AMFS-ELPPCD approach on the CICIDS-2017 dataset.
Fig. 9
Fig. 9
Loss graph of AMFS-ELPPCD model on CICIDS-2017 dataset.
Fig. 10
Fig. 10
Comparative analysis of AMFS-ELPPCD model on CICIDS-2017dataset.
Fig. 11
Fig. 11
CT analysis of AMFS-ELPPCD method with existing models.
Fig. 12
Fig. 12
Ablation study of AMFS-ELPPCD technique under CICIDS-2017 dataset.
Fig. 13
Fig. 13
NSLKDD dataset (a-c) 80% and 70%TSPH and (b-d) 20% and 30%TSPH.
Fig. 14
Fig. 14
Average of AMFS-ELPPCD model on NSLKDD dataset.
Fig. 15
Fig. 15
formula image curve of AMFS-ELPPCD method on NSLKDD dataset.
Fig. 16
Fig. 16
Loss analysis of AMFS-ELPPCD method on the NSLKDD dataset.
Fig. 17
Fig. 17
Comparative analysis of the AMFS-ELPPCD method on the NSLKDD dataset.
Fig. 18
Fig. 18
CT evaluation of AMFS-ELPPCD methodology with the existing techniques.
Fig. 19
Fig. 19
Ablation study of AMFS-ELPPCD approach under NSLKDD dataset.
See this image and copyright information in PMC

Similar articles

See all similar articles

References

    1. Ahanger, T. A., Ullah, I., Algamdi, S. A. & Tariq, U. Machine learning-inspired intrusion detection system for IoT: Security issues and future challenges. Computers and Electrical Engineering123, 110265 (2025).
    1. Mishra, S. The impact of AI-based cyber security on the banking and financial sectors. Journal Cybersecur. & Inform. Management, 14(1), 8–19 (2024).
    1. Alghamdi, M. I. An investigation into the effect of cybersecurity on attack prevention strategies. J. Cybersecur. Inform. Manage.3 (2), 53–60 (2020).
    1. Lee, I. Internet of things (IoT) cybersecurity: literature review and IoT cyber risk management. Future Internet. 12 (9), 157 (2020).
    1. Albalawi, A. M. & Almaiah, M. A. Assessing and reviewing of cyber-security threats, attacks, mitigation techniques in IoT environment. J. Theor. Appl. Inf. Technol.100, 2988–3011 (2022).

LinkOut - more resources