Adaptive Cyberattack Detection in IoT-Edge-Cloud Environments Using Decision Tree Regressor
Received: 28 March 2025 | Revised: 27 May 2025 | Accepted: 1 June 2025 | Online: 2 August 2025
Corresponding author: G. C. Shwethashree
Abstract
By facilitating smooth communication among smart devices, edge computing, and cloud environments, the Internet of Things (IoT) has reshaped several sectors. However, IoT networks are highly vulnerable to cyberattacks, particularly link attacks, which compromise security. In the last ten years, various existing Machine Learning (ML) and Deep Learning (DL) approaches have been presented for attack detection, but they often fail to maintain high accuracy when attack patterns evolve. This study proposes a Decision Tree Regressor (DTR) model for attack prediction and adaptation in an IoT Edge-Cloud environment. The model is implemented using SENSORIA for IoT data collection and CloudSim for edge-cloud simulation to efficiently detect attacks. The DTR model dynamically adapts to changes in attack behavior through statistical monitoring. The model was evaluated on the ToN-IoT and UNSW-NB15 datasets, achieving 99.92% and 99.96% accuracy, respectively, significantly outperforming existing approaches. The results demonstrate that DTR improves the accuracy of attack detection while adapting to evolving attack patterns, ensuring robust IoT security.
Keywords:
IoT security, edge-cloud computing, cyberattack detection, link attacks, machine learning, decision tree regressor, attack adaptationDownloads
References
M. E. E. Alahi et al., "Integration of IoT-Enabled Technologies and Artificial Intelligence (AI) for Smart City Scenario: Recent Advancements and Future Trends," Sensors, vol. 23, no. 11, May 2023, Art. no. 5206. DOI: https://doi.org/10.3390/s23115206
F. C. Andriulo, M. Fiore, M. Mongiello, E. Traversa, and V. Zizzo, "Edge Computing and Cloud Computing for Internet of Things: A Review," Informatics, vol. 11, no. 4, Sep. 2024, Art. no. 71. DOI: https://doi.org/10.3390/informatics11040071
G. I. Arcas, T. Cioara, I. Anghel, D. Lazea, and A. Hangan, "Edge Offloading in Smart Grid," Smart Cities, vol. 7, no. 1, pp. 680–711, Feb. 2024. DOI: https://doi.org/10.3390/smartcities7010028
S. K. Sahu and K. Mazumdar, "Exploring security threats and solutions Techniques for Internet of Things (IoT): from vulnerabilities to vigilance," Frontiers in Artificial Intelligence, vol. 7, May 2024, Art. no. 1397480. DOI: https://doi.org/10.3389/frai.2024.1397480
N. Singh, R. Buyya, and H. Kim, "Securing Cloud-Based Internet of Things: Challenges and Mitigations," Sensors, vol. 25, no. 1, Dec. 2024, Art. no. 79. DOI: https://doi.org/10.3390/s25010079
P. Mahadevappa, R. Al-amri, G. Alkawsi, A. Alkahtani, M. Alghenaim, and M. Alsamman, "Analyzing Threats and Attacks in Edge Data Analytics within IoT Environments," IoT, vol. 5, no. 1, pp. 123–154, Mar. 2024. DOI: https://doi.org/10.3390/iot5010007
M. F. Saiyed and I. Al-Anbagi, "A Genetic Algorithm- and t-Test-Based System for DDoS Attack Detection in IoT Networks," IEEE Access, vol. 12, pp. 25623–25641, 2024. DOI: https://doi.org/10.1109/ACCESS.2024.3367357
S. Yaras and M. Dener, "IoT-Based Intrusion Detection System Using New Hybrid Deep Learning Algorithm," Electronics, vol. 13, no. 6, Mar. 2024, Art. no. 1053. DOI: https://doi.org/10.3390/electronics13061053
I. Priyadarshini, "Anomaly Detection of IoT Cyberattacks in Smart Cities Using Federated Learning and Split Learning," Big Data and Cognitive Computing, vol. 8, no. 3, Feb. 2024, Art. no. 21. DOI: https://doi.org/10.3390/bdcc8030021
M. F. Saiyed and I. Al-Anbagi, "Deep Ensemble Learning With Pruning for DDoS Attack Detection in IoT Networks," IEEE Transactions on Machine Learning in Communications and Networking, vol. 2, pp. 596–616, 2024. DOI: https://doi.org/10.1109/TMLCN.2024.3395419
B. Cui, Y. Chai, Z. Yang, and K. Li, "Intrusion Detection in IoT Using Deep Residual Networks with Attention Mechanisms," Future Internet, vol. 16, no. 7, Jul. 2024, Art. no. 255. DOI: https://doi.org/10.3390/fi16070255
D. Javeed, T. Gao, M. S. Saeed, and P. Kumar, "An Intrusion Detection System for Edge-Envisioned Smart Agriculture in Extreme Environment," IEEE Internet of Things Journal, vol. 11, no. 16, pp. 26866–26876, Aug. 2024. DOI: https://doi.org/10.1109/JIOT.2023.3288544
C. Yang, L. Wu, J. Xu, Y. Ren, B. Tian, and Z. Wei, "Graph Learning Framework for Data Link Anomaly Detection," IEEE Access, vol. 12, pp. 114820–114828, 2024. DOI: https://doi.org/10.1109/ACCESS.2024.3445533
J. F. Kurian and M. Allali, "Detecting drifts in data streams using Kullback-Leibler (KL) divergence measure for data engineering applications," Journal of Data, Information and Management, vol. 6, no. 3, pp. 207–216, Sep. 2024. DOI: https://doi.org/10.1007/s42488-024-00119-y
J. N. Al-Karaki and G. A. Al-Mashaqbeh, "SENSORIA: A New Simulation Platform for Wireless Sensor Networks," in 2007 International Conference on Sensor Technologies and Applications (SENSORCOMM 2007), Valencia, Spain, Oct. 2007, pp. 424–429. DOI: https://doi.org/10.1109/SENSORCOMM.2007.4394958
T. Goyal, A. Singh, and A. Agrawal, "Cloudsim: simulator for cloud computing infrastructure and modeling," Procedia Engineering, vol. 38, pp. 3566–3572, 2012. DOI: https://doi.org/10.1016/j.proeng.2012.06.412
N. Moustafa and J. Slay, "UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)," in 2015 Military Communications and Information Systems Conference (MilCIS), Canberra, Australia, Nov. 2015, pp. 1–6. DOI: https://doi.org/10.1109/MilCIS.2015.7348942
N. Moustafa and J. and Slay, "The evaluation of Network Anomaly Detection Systems: Statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set," Information Security Journal: A Global Perspective, vol. 25, no. 1–3, pp. 18–31, Apr. 2016. DOI: https://doi.org/10.1080/19393555.2015.1125974
N. Moustafa, J. Slay, and G. Creech, "Novel Geometric Area Analysis Technique for Anomaly Detection Using Trapezoidal Area Estimation on Large-Scale Networks," IEEE Transactions on Big Data, vol. 5, no. 4, pp. 481–494, Sep. 2019. DOI: https://doi.org/10.1109/TBDATA.2017.2715166
N. Moustafa, G. Creech, and J. Slay, "Big Data Analytics for Intrusion Detection System: Statistical Decision-Making Using Finite Dirichlet Mixture Models," in Data Analytics and Decision Support for Cybersecurity: Trends, Methodologies and Applications, I. Palomares Carrascosa, H. K. Kalutarage, and Y. Huang, Eds. Springer International Publishing, 2017, pp. 127–156. DOI: https://doi.org/10.1007/978-3-319-59439-2_5
M. Sarhan, S. Layeghy, N. Moustafa, and M. Portmann, "NetFlow Datasets for Machine Learning-Based Network Intrusion Detection Systems," in Big Data Technologies and Applications, 2021, pp. 117–135. DOI: https://doi.org/10.1007/978-3-030-72802-1_9
N. Moustafa, "A new distributed architecture for evaluating AI-based security systems at the edge: Network TON_IoT datasets," Sustainable Cities and Society, vol. 72, Sep. 2021, Art. no. 102994. DOI: https://doi.org/10.1016/j.scs.2021.102994
T. M. Booij, I. Chiscop, E. Meeuwissen, N. Moustafa, and F. T. H. den Hartog, "ToN_IoT: The Role of Heterogeneity and the Need for Standardization of Features and Attack Types in IoT Network Intrusion Data Sets," IEEE Internet of Things Journal, vol. 9, no. 1, pp. 485–496, Jan. 2022. DOI: https://doi.org/10.1109/JIOT.2021.3085194
A. Alsaedi, N. Moustafa, Z. Tari, A. Mahmood, and A. Anwar, "TON_IoT Telemetry Dataset: A New Generation Dataset of IoT and IIoT for Data-Driven Intrusion Detection Systems," IEEE Access, vol. 8, pp. 165130–165150, 2020. DOI: https://doi.org/10.1109/ACCESS.2020.3022862
N. Moustafa, M. Keshky, E. Debiez, and H. Janicke, "Federated TON_IoT Windows Datasets for Evaluating AI-Based Security Applications," in 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Dec. 2020, pp. 848–855, Guangzhou, China. DOI: https://doi.org/10.1109/TrustCom50675.2020.00114
N. Moustafa, M. Ahmed, and S. Ahmed, "Data Analytics-Enabled Intrusion Detection: Evaluations of ToN_IoT Linux Datasets," in 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Guangzhou, China, Dec. 2020, pp. 727–735. DOI: https://doi.org/10.1109/TrustCom50675.2020.00100
N. Moustafa, "A Systemic IoT-Fog-Cloud Architecture for Big-Data Analytics and Cyber Security Systems: A Review of Fog Computing." arXiv, May 04, 2019.
J. Ashraf et al., "IoTBoT-IDS: A novel statistical learning-enabled botnet detection framework for protecting networks of smart cities," Sustainable Cities and Society, vol. 72, Sep. 2021, Art. no. 103041. DOI: https://doi.org/10.1016/j.scs.2021.103041
N. Moustafa, "New Generations of Internet of Things Datasets for Cybersecurity Applications based Machine Learning: TON_IoT Datasets," presented at the eResearch Australasia Conference, Brisbane, Australia, Oct. 2019.
Downloads
How to Cite
License
Copyright (c) 2025 G. C. Shwethashree, S. Manjula
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.
