Internet of Things Security Based on Incremental XGBoost

Authors

  • Omar Shakir Hasan Directorate of Education in Nineveh , Mosul

DOI:

https://doi.org/10.29304/jqcsm.2025.17.42577

Keywords:

Incremental learning boosting,

Abstract

As the Internet of Things (IoT) has become more common in recent years, security vulnerabilities and attacks on the networks associated with it have also multiplied, increasing the urgency for improved attack detection, deterrence, and response methods. As a countermeasure to IoT attacks, this paper proposes incremental XGBoost-learning and studied the case of creating an incrementally-learning model and how to batch-train the model to leverage the data for full analysis. To validate the proposals, three datasets were chosen, the NSL-KDD dataset, the CICIDS2017 dataset, and the BoT-IoT dataset, in which each of these datasets also included different categories in their definitions of Internet-of-Things attacks. Upon obtaining the dataset, the datasets were then subset into training batches that would continuously assess the model's ability to learn and adapt to new data planning without a retraining process from scratch being necessary. Finally, after all batches were trained, the proposed model attained a classification accuracy of 96.5% on the NSL-KDD dataset, 97.3% on the CICIDS2017 dataset, and 96.8% on the BoT-IoT dataset with improvements in training accuracy while still maintaining consistency across the training subset batches.

Downloads

Download data is not yet available.

References

G. Shahinzadeh, H. Shahinzadeh, and S. Tanwar, Security and privacy issues in the Internet of Things: A comprehensive survey of protocols, standards, and the revolutionary role of blockchain, in Proc. 8th Int. Conf. Smart Cities, Internet of Things and Applications (SCIoT). IEEE, (2024).

M. Salb, L. Jovanovic, N. Bacanin, M. Antonijevic, M. Zivkovic, N. Budimirovic, and L. Abualigah, “Enhancing Internet of Things network security using hybrid CNN and XGBoost model tuned via modified reptile search algorithm,” Applied Sciences, vol. 13, no. 23, (2023), p. 12687. DOI: 10.3390/app132312687

A. F. Glavan and V. Croitoru, “Incremental learning for edge network intrusion detection,” Rev. Roum. Sci. Techn.–Électrotechn. et Énerg., vol. 68, no. 3, (2023), pp. 301–306.

N. U. Prince, M. A. Al Mamun, A. O. Olajide, O. U. Khan, A. B. Akeem, and A. I. Sani, “IEEE standards and deep learning techniques for securing Internet of Things (IoT) devices against cyber attacks,” Journal of Computer Analysis and Applications, vol. 33,

P. H. Nguyen, M. Mumtaz, and H. Al-Raweshidy, “Internet of Things (IoT) applications security trends and challenges,” Discover Internet of Things, vol. 4, no. 1, (2024), p. 46. DOI: 10.1007/s43926-024-00071-3

S. Gawande, S. Chauhan, and A. V. Deshpande, “A survey on IoT security: Vulnerability detection and protection,” Computers & Security, vol. 142, (2024), p. 103393. DOI: 10.1016/j.cose.2023.103393

S. D. Raut and V. M. Thakare, “A survey on privacy and security issues in IoT-based environments,” Computers & Security, vol. 136, (2023), p. 103498. DOI: 10.1016/j.cose.2023.103498

J. Li, X. Zhou, and L. Wang, “Intrusion detection method based on active incremental learning,” Journal of Internet of Things, vol. 4, no. 2, (2022), pp. 179–190.

A. Amouri, M. M. Al Rahhal, Y. Bazi, I. Butun, and I. Mahgoub, “Enhancing intrusion detection in IoT environments: An advanced ensemble approach using Kolmogorov–Arnold networks,” arXiv preprint, arXiv:2408.15886, (2024). Available: https://arxiv.org/abs/2408.15886

T. Lai, F. Farid, A. Bello, and F. Sabrina, “Ensemble learning based anomaly detection for IoT cybersecurity via Bayesian hyperparameters sensitivity analysis,” arXiv preprint, arXiv:2307.10596, (2023).

A. Namvar, C. Thapa, and S. S. Kanhere, “Discretization-based ensemble model for robust learning in IoT,” arXiv preprint, arXiv:2307.08955, (2023).

S. R. Alve, M. Z. Mahmud, S. Islam, M. A. Chowdhury, and J. Islam, “Smart IoT security: Lightweight machine learning techniques for multi-class attack detection in IoT networks,” arXiv preprint, arXiv:2502.04057, (2025).

Y. Hosain and M. Çakmak, “XAI-XGBoost: An innovative explainable intrusion detection approach for securing Internet of Medical Things systems,” Scientific Reports, vol. 15, (2025), Art. no. 22278. DOI: 10.1038/s41598-025-07790-0

K. S. Adewole, A. Jacobsson, and P. Davidsson, “Intrusion detection framework for Internet of Things with rule induction for model explanation,” Sensors, vol. 25, no. 6, (2025), p. 1845. DOI: 10.3390/s25061845

H. Ma et al., “An IoT intrusion detection framework based on feature selection and large language models fine-tuning,” Scientific Reports, (2025).

S. Alosaimi and S. M. Almutairi, “An intrusion detection system using BoT-IoT,” Applied Sciences, vol. 13, no. 9, (2023), p. 5427. DOI: 10.3390/app13095427

F. H. Zawaideh, G. Al-Asad, G. Swaneh, S. Batainah, and H. Bakkar, “Intrusion detection system for IoT networks using convolutional neural network (CNN) and XGBoost algorithm,” Journal of Theoretical and Applied Information Technology, vol. 102, no. 4, (2024), pp. 1749–1762.

V. Kantharaju et al., “Machine learning-based intrusion detection framework for IoT networks,” Scientific Reports, (2024).

P. R. Chithra Rani et al., “Deep learning-based ensemble stacking for enhanced intrusion detection in IIoT networks,” SN Applied Sciences, vol. 7, (2025), Art. no. 1477. DOI: 10.1007/s42452-025-01477-0

S. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, “A detailed analysis of the KDD CUP 99 data set,” in Proc. IEEE Symp. Computational Intelligence for Security and Defence Applications (CISDA), Ottawa, Canada, (2009), pp. 1–6.

I. Sharafaldin, A. H. Lashkari, and A. A. Ghorbani, “Toward generating a new intrusion detection dataset and intrusion traffic characterization,” in Proc. 4th Int. Conf. Information Systems Security and Privacy (ICISSP), Funchal, Portugal, (2018), pp. 108–116.

N. Koroniotis, N. Moustafa, E. Sitnikova, and B. Turnbull, “Towards the development of realistic botnet dataset in the Internet of Things for network forensic analytics: Bot-IoT dataset,” Future Generation Computer Systems, vol. 100, (2019), pp. 779–796. DOI: 10.1016/j.future.2019.05.024

M. Sun, L. Li, and Z. Li, “Research on improved XGBoost algorithm based on gradient boosting framework,” IEEE Access, vol. 9, (2021), pp. 136318–136329. DOI: 10.1109/ACCESS.2021.3108836

Chen, T., and Guestrin, C., “XGBoost: A Scalable Tree Boosting System,” in Proc. 22nd ACM SIGKDD Int. Conf. Knowledge Discovery & Data Mining (KDD), (2016), pp. 785–794. DOI: 10.1145/2939672.2939785

T. Chen and C. Guestrin, “XGBoost: A scalable tree boosting system,” in Proc. 22nd ACM SIGKDD Int. Conf. Knowledge Discovery & Data Mining, (2016), pp. 785–794. DOI: 10.1145/2939672.2939785

S. Zhang, J.-w. Liu, and X. Zuo, “Adaptive online incremental learning for evolving data streams,” Applied Soft Computing, vol. 105, (2021), Art. no. 107255. DOI: 10.1016/j.asoc.2021.107255

Downloads

Published

2025-12-30

How to Cite

Omar Shakir Hasan. (2025). Internet of Things Security Based on Incremental XGBoost. Journal of Al-Qadisiyah for Computer Science and Mathematics, 17(4), Comp 360–368. https://doi.org/10.29304/jqcsm.2025.17.42577

Issue

Vol. 17 No. 4 (2025): JQCM

Section

Computer Articles

License

Copyright (c) 2025 Omar Shakir Hasan

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.