Enhancing IIoT Security through a Hybrid Ensemble Approach: A Comparative Study of Machine Learning Models
Paper ID: 1018-ICEEM2025 (R1)
Authors
Ahmed AbdelHamid Mohamed Ragab *, Gamal Mahrous Attiya, Gamal Eldin Selim
Faculty of Electronic Engineering, Menofia University
Abstract
Industrial Internet of Things (IIoT) environments are increasingly vulnerable to sophisticated security threats, which are further exacerbated by unique challenges such as resource-constrained devices, heterogeneous data sources, and limited computational power at the edge. To address these concerns, this study proposes a comprehensive anomaly detection framework leveraging seven diverse machine learning algorithms: Random Forest, XGBoost, Logistic Regression, Support Vector Machines (SVM), K-Nearest Neighbors (KNN), Long Short-Term Memory (LSTM), and Autoencoder. Our methodology includes extensive data preprocessing, dimensionality reduction, and stratified sampling applied to a real-world IIoT dataset. Through rigorous experimentation and performance evaluation over multiple runs, the top three models, KNN, SVM, and Random Forest, were selected based on their superior F1 scores and subsequently combined into a hybrid ensemble model. Unlike previous methods that predominantly rely on a single algorithm or homogeneous ensemble approaches, our hybrid ensemble dynamically integrates heterogeneous classifiers, enabling it to capture diverse anomaly patterns more effectively while maintaining computational efficiency. This multi-model synergy significantly enhances detection capability across varied IIoT attack scenarios. The proposed hybrid ensemble achieves an accuracy of 97.1%, an F1 score of 95.6%, and an ROC AUC of 97.1%, outperforming individual models and prior approaches by providing a balanced trade-off between detection accuracy and system resource constraints. These results demonstrate that the hybrid ensemble approach offers a scalable and robust solution for real-time security analytics in complex IIoT environments.
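The selection-and-combination step the abstract describes, as an added example that is not code from the paper: seven candidate models are ranked by F1, the top three are kept, and their outputs are merged. Majority (hard) voting is an assumption here, since the abstract does not state the combination rule, and the labels and predictions are constructed for illustration and do not reproduce the paper's figures.

```python
# Added illustration. Labels and predictions are constructed, not the paper's data.
# 1 = attack/anomaly, 0 = normal traffic.
Y_TRUE = [1, 1, 1, 1, 0, 0, 0, 0, 0, 0]

# Constructed per-model predictions on the same 10 held-out samples.
PREDS = {
    "KNN":                 [1, 1, 1, 0, 0, 0, 0, 0, 0, 0],
    "SVM":                 [1, 1, 0, 1, 0, 0, 0, 0, 0, 1],
    "Random Forest":       [1, 0, 1, 1, 1, 0, 0, 0, 0, 0],
    "XGBoost":             [1, 1, 0, 0, 1, 0, 0, 0, 0, 0],
    "Logistic Regression": [1, 0, 0, 0, 0, 1, 0, 0, 0, 0],
    "LSTM":                [1, 1, 0, 0, 0, 0, 1, 1, 0, 0],
    "Autoencoder":         [0, 1, 1, 0, 1, 1, 0, 0, 0, 0],
}

def f1_score(y_true, y_pred):
    """F1 of the positive (attack) class: 2TP / (2TP + FP + FN)."""
    pairs = list(zip(y_true, y_pred))
    tp = sum(t == 1 and p == 1 for t, p in pairs)
    fp = sum(t == 0 and p == 1 for t, p in pairs)
    fn = sum(t == 1 and p == 0 for t, p in pairs)
    denom = 2 * tp + fp + fn
    # No true and no predicted positives: report 0.0 rather than divide by zero.
    return 2 * tp / denom if denom else 0.0

def select_top(y_true, preds, k=3):
    """Rank candidate models by F1 and return the k best names plus all scores."""
    scores = {name: f1_score(y_true, p) for name, p in preds.items()}
    ranked = sorted(scores, key=scores.get, reverse=True)
    return ranked[:k], scores

def majority_vote(preds, members):
    """Hard voting (assumed rule): flag a sample when most members flag it."""
    columns = zip(*(preds[m] for m in members))
    return [1 if 2 * sum(votes) > len(members) else 0 for votes in columns]

TOP3, SCORES = select_top(Y_TRUE, PREDS)
ENSEMBLE = majority_vote(PREDS, TOP3)

if __name__ == "__main__":
    for name in sorted(SCORES, key=SCORES.get, reverse=True):
        print(f"{name:<20} F1={SCORES[name]:.3f}")
    print("selected:", TOP3)
    print("ensemble F1:", round(f1_score(Y_TRUE, ENSEMBLE), 3))
```

Each selected model misclassifies a different sample in this constructed set, so the vote corrects every individual error; models whose errors overlap would gain far less from being combined.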
Keywords
Industrial Internet of Things, IIoT Security, Hybrid Ensemble, Machine Learning, Anomaly Detection, Cybersecurity
Status: Accepted