An ensemble learning framework for the detection of RPL attacks in IoT networks based on the genetic feature selection approach

Abstract

The rapid proliferation of Internet of Things (IoT) devices has raised critical concerns regarding the security of corresponding IoT networks. The Routing Protocol for Low-Power and Lossy Networks (RPL), a foundational element in IoT communication, is susceptible to diverse routing attacks due to IoT nodes’ constrained resources and open nature. This underscores the necessity for an Intrusion Detection System (IDS) to safeguard RPL-based IoT networks. Existing anomaly-based IDS suffer from high false alarm rates (FAR). In response to these challenges, this paper presents the Ensemble Learning-based Intrusion Detection System (ELG-IDS), which employs stacking and extreme parameter optimization to detect three RPL internal attacks: version number, decreased rank, and DIS flooding attacks. ELG-IDS employs enhanced feature extraction and genetic algorithm (GA)-based feature selection. Experimental results on a dedicated dataset demonstrate ELG-IDS's remarkable accuracy: 99.18%, 99.38%, 99.66%, and 97.90% for version number, rank attack, DIS flooding, and an average accuracy of 97.90% in multi-classification mode, respectively. This study advances IoT network security through ELG-IDS, enhancing protection against evolving security challenges.