Enhanced DDoS Attack Detection in IoT Environments Using Voting and Stacking Ensemble Learning: Implementation and Performance Analysis
DOI:
https://doi.org/10.56919/usci.2542.017Keywords:
Internet of things IOT, DDoS, DDOS Attack, Ensemble Learning, Machine Learning, Voting Classifier, Stacking Classifier, Cybersecurity, Network security, IoT Security, IoTAbstract
Study’s Excerpt:
• Voting and stacking ensembles achieved over 99.39% accuracy for IoT DDoS detection using CIC-IoT2023.
• Confusion matrix and inference time were analyzed to assess real-world viability of ensemble methods.
• Ensemble techniques outperformed single models in all evaluation metrics for IoT threat detection.
• Detailed performance insights support the practical deployment of ensemble learning in IoT systems.
• Study offers guidelines for choosing ensemble models based on specific IoT deployment requirements.
Full Abstract:
Due to the increase in the adoption of Internet of Things (IoT) devices, there has been a significant increase in Distributed Denial of Service (DDoS) attack. This is because IoT devices have introduced significant security vulnerabilities, thereby increasing the attack surface. This paper aims to present an enhanced DDoS Attack detection in an IoT environment using an ensemble learning approach. This was achieved by implementing the voting and stacking classifiers that combine four supervised learning algorithms: Random Forest, Decision Trees, Logistic Regression, and K-Nearest Neighbors. Using the comprehensive CIC-IoT2023 dataset, the results of the test conducted indicate outstanding performance, with the voting classifier achieving 99.39% accuracy (190.9872ms inference time, 32 false positives) and the stacking classifier reaching 99.40% accuracy (224.9587ms inference time, 89 false positives), a 5-fold stratified cross-validation was conducted which validated the models' robustness as a significant improvement on previous study conducted in this area.
References
Abbas, A., Khan, M. A., Latif, S., Ajaz, M., Shah, A. A., & Ahmad, J. (2022). A New Ensemble-Based Intrusion Detection System for Internet of Things. Arabian Journal for Science and Engineering, 47(2), 1805–1819. https://doi.org/10.1007/s13369-021-06086-5
Abu Al-Haija, Q., & Al-Dala’ien, M. (2022). ELBA-IoT: An Ensemble Learning Model for Botnet Attack Detection in IoT Networks. Journal of Sensor and Actuator Networks, 11(1). https://doi.org/10.3390/jsan11010018
Abughazaleh, N., Bin, R., Btish, M., & M., H. (2020). DoS Attacks in IoT Systems and Proposed Solutions. International Journal of Computer Applications, 176, 16–19. https://doi.org/10.5120/ijca2020920397
Ahmed, S., & Khan, M. (2023). Securing the Internet of Things (IoT): A comprehensive study on the intersection of cybersecurity, privacy, and connectivity in the IoT ecosystem. AI, IoT and the Fourth Industrial Revolution Review, 13(9), 1–17. https://scicadence.com/index.php/AI-IoT-REVIEW/article/view/13
Ain, N. U., Sardaraz, M., Tahir, M., Abo Elsoud, M. W., & Alourani, A. (2025). Securing IoT Networks Against DDoS Attacks: A Hybrid Deep Learning Approach. Sensors, 25(5), 1–23. https://doi.org/10.3390/s25051346
Alotaibi, Y., & Ilyas, M. (2023). Ensemble-learning framework for intrusion detection to enhance internet of things’ devices security. Sensors, 23(12), 5568. https://doi.org/https://doi.org/10.3390/s23125568
Amro, A., Al-Akhras, M., Hindi, K. El, Habib, M., & Shawar, B. A. (2021). Instance reduction for avoiding overfitting in decision trees. Journal of Intelligent Systems, 30(1), 438–459. https://doi.org/https://doi.org/10.1515/jisys-2020-0061
Bentéjac, C., Csörgő, A., & Martínez-Muñoz, G. (2021). A comparative analysis of gradient boosting algorithms. Artificial Intelligence Review, 54(3), 1937–1967. https://doi.org/10.1007/s10462-020-09896-5
Bin Sarhan, B., & Altwaijry, N. (2023). Insider Threat Detection Using Machine Learning Approach. Applied Sciences, 13(1). https://doi.org/10.3390/app13010259
Brophy, J., & Lowd, D. (2021). Machine unlearning for random forests. International Conference on Machine Learning, 1092–1104. https://doi.org/https://doi.org/10.48550/arXiv.2009.05567
Butun, I., Osterberg, P., & Song, H. (2020). Security of the Internet of Things: Vulnerabilities, Attacks, and Countermeasures. IEEE Communications Surveys and Tutorials, 22(1), 616–644. https://doi.org/10.1109/COMST.2019.2953364
Elliott, D. L., & Anderson, C. (2023). The Wisdom of the Crowd: Reliable Deep Reinforcement Learning Through Ensembles of Q-Functions. IEEE Transactions on Neural Networks and Learning Systems, 34(1), 43–51. https://doi.org/10.1109/TNNLS.2021.3089425
Fischer, S. (2023). Internet of Things: A Model for Cybersecurity Standards and the Categorisation of Devices. https://doi.org/http://dx.doi.org/10.17169/refubium-36965
Golchha, R., Joshi, A., & Gupta, G. P. (2023). Voting-based Ensemble Learning approach for Cyber Attacks Detection in Industrial Internet of Things. Procedia Computer Science, 218, 1752–1759. https://doi.org/https://doi.org/10.1016/j.procs.2023.01.153
Halder, R. K., Uddin, M. N., Uddin, M. A., Aryal, S., & Khraisat, A. (2024). Enhancing K-nearest neighbor algorithm: a comprehensive review and performance analysis of modifications. Journal of Big Data, 11(1), 113. https://doi.org/10.1186/s40537-024-00973-y
Hosseinzadeh, M., Rahmani, A. M., Vo, B., Bidaki, M., Masdari, M., & Zangakani, M. (2021). Improving security using SVM-based anomaly detection: issues and challenges. Soft Computing, 25(4), 3195–3223. https://doi.org/10.1007/s00500-020-05373-x
Jegede, O. O. (2023). Ensemble-Learning Approach to DDoS-Attack Detection Using Stacking, Meta-Learning, and Adversarial Training. The George Washington University. https://scholarspace.library.gwu.edu/etd/8336h279s
Jony, A. I., & Arnob, A. K. B. (2024). Securing the Internet of Things: Evaluating Machine Learning Algorithms for Detecting IoT Cyberattacks Using CIC-IoT2023 Dataset. International Journal of Information Technology and Computer Science, 16(4), 56–65. https://doi.org/10.5815/ijitcs.2024.04.04
Kandasamy, K., Srinivas, S., Achuthan, K., & Rangan, V. P. (2020). IoT cyber risk: a holistic analysis of cyber risk assessment frameworks, risk vectors, and risk ranking process. Eurasip Journal on Information Security, 2020(1). https://doi.org/10.1186/s13635-020-00111-0
Khan, S. H., Alahmadi, T. J., Ullah, W., Iqbal, J., Rahim, A., Alkahtani, H. K., Alghamdi, W., & Almagrabi, A. O. (2023). A new deep boosted CNN and ensemble learning based IoT malware detection. Computers & Security, 133, 103385. https://doi.org/https://doi.org/10.1016/j.cose.2023.103385
Luo, C., Tan, Z., Min, G., Gan, J., Shi, W., & Tian, Z. (2021). A Novel Web Attack Detection System for Internet of Things via Ensemble Classification. IEEE Transactions on Industrial Informatics, 17(8), 5810–5818. https://doi.org/10.1109/TII.2020.3038761
Malhotra, P., Singh, Y., Anand, P., Bangotra, D. K., Singh, P. K., & Hong, W.-C. (2021). Internet of things: Evolution, concerns and security challenges. Sensors, 21(5), 1809. https://doi.org/https://doi.org/10.3390/s21051809
Mante, J., & Kolhe, K. (2024). Ensemble of Tree Classifiers for Improved DDoS Attack Detection in the Internet of Things. Mathematical Modelling of Engineering Problems, 11(9), 2355–2367. https://doi.org/10.18280/mmep.110909
Mishra, A. K., & Paliwal, S. (2023). Mitigating cyber threats through integration of feature selection and stacking ensemble learning: the LGBM and random forest intrusion detection perspective. Cluster Computing, 26(4), 2339–2350. https://doi.org/10.1007/s10586-022-03735-8
Mushtaq, Z., Ramzan, M. F., Ali, S., Baseer, S., Samad, A., & Husnain, M. (2022). Voting Classification-Based Diabetes Mellitus Prediction Using Hypertuned Machine-Learning Techniques. Mobile Information Systems, 2022(1), 1–16. https://doi.org/10.1155/2022/6521532
Neto, E. C. P., Dadkhah, S., Ferreira, R., Zohourian, A., Lu, R., & Ghorbani, A. A. (2023). CICIoT2023: A Real-Time Dataset and Benchmark for Large-Scale Attacks in IoT Environment. Sensors, 23(13). https://doi.org/10.3390/s23135941
Okoye, K., & Hosseini, S. (2024). Regression Analysis in R: Linear Regression and Logistic Regression BT - R Programming: Statistical Data Analysis in Research (K. Okoye & S. Hosseini (eds.); pp. 131–158). Springer Nature Singapore. https://doi.org/10.1007/978-981-97-3385-9_7
Shtayat, M. M., Hasan, M. K., Sulaiman, R., Islam, S., & Khan, A. U. R. (2023). An Explainable Ensemble Deep Learning Approach for Intrusion Detection in Industrial Internet of Things. IEEE Access, 11, 115047–115061. https://doi.org/10.1109/ACCESS.2023.3323573
Sumaiya, Jafarpourmarzouni, R., Lu, S., & Dong, Z. (2024). Enhancing Real-time Inference Performance for Time-Critical Software-Defined Vehicles. 2024 IEEE International Conference on Mobility, Operations, Services and Technologies (MOST), 101–113. https://doi.org/10.1109/MOST60774.2024.00019
Taha, A. (2021). Intelligent Ensemble Learning Approach for Phishing Website Detection Based on Weighted Soft Voting. Mathematics, 9(21), 2799. https://doi.org/10.3390/math9212799
Yang, Y., Lv, H., & Chen, N. (2023). A Survey on ensemble learning under the era of deep learning. Artificial Intelligence Review, 56(6), 5545–5589. https://doi.org/10.1007/s10462-022-10283-5
Ye, J., Wang, Z., Yang, J., Wang, C., & Zhang, C. (2025). An LDDoS Attack Detection Method Based on Behavioral Characteristics and Stacking Mechanism. IoT, 6(1). https://doi.org/10.3390/iot6010007
Yilmaz, S., Aydogan, E., & Sen, S. (2021). A Transfer Learning Approach for Securing Resource-Constrained IoT Devices. IEEE Transactions on Information Forensics and Security, 16, 4405–4418. https://doi.org/10.1109/TIFS.2021.3096029
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Abdulrahman Tunde Alabelewe, Muhammad Aminu Ahmad, Ahmed Abubakar Aliyu, Mohammed Ibrahim, Abubakar Muazu Ahmed, Saadatu Abdulkadir
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
