IntruDet-LSTM: A Knowledge-Driven Hybrid Intrusion Detection System for IoT Cybersecurity

In recent times, Internet of Things (IoT) ecosystem is rapidly expanding, with a flow in various devices being integrated to allow continuous and efficient communication. Most IoT devices are resource-constrained, and without clearly defined security standards, their communications remain exposed to potential risks. As a result, quickly identifying threats within IoT networks is critical, making Intrusion Detection Systems (IDS) an essential component of modern cybersecurity strategies. The unpredictable behavior of IoT traffic demands dynamic and context-sensitive rule configurations. Software Defined Networks (SDN’s) is programmable architecture enables real-time threat justification across heterogeneous IoT environments. The proposed IntruDet-LSTM which is Intrusion Detection with Long Short-Term Memory method introduces a hybrid system for intrusion detection and dynamic rule-based configuration, combining a signature-based SNORT method with a data-driven ensemble model built on LSTM. Fault tolerance is achieved through a dual-layer design, where the intrusion detection and rule configuration models are dissociated, enabling uninterrupted performance even when one layer is compromised. IntruDet-LSTM method effectively reduces false alarms, allowing true IoT traffic to flow continuous and still delivering high detection accuracy. The proposed IntruDet-LSTM achieves accuracy of 99.8%, which is better than existing Deep Integrated Stacking for the IoT (DIS-IoT).