{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,24]],"date-time":"2026-01-24T14:28:45Z","timestamp":1769264925818,"version":"3.49.0"},"reference-count":37,"publisher":"MDPI AG","issue":"13","license":[{"start":{"date-parts":[[2025,6,30]],"date-time":"2025-06-30T00:00:00Z","timestamp":1751241600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"FCT\u2014Funda\u00e7\u00e3o para a Ci\u00eancia e Tecnologia","award":["UIDB\/50008\/2020"],"award-info":[{"award-number":["UIDB\/50008\/2020"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"The rapid growth of the Internet of Things (IoT) has revolutionized various industries by enabling interconnected devices to exchange data seamlessly. However, IoT systems face significant security challenges due to decentralized architectures, resource-constrained devices, and dynamic network environments. These challenges include denial-of-service (DoS) attacks, anomalous network behaviors, and data manipulation, which threaten the security and reliability of IoT ecosystems. New methods based on machine learning have been reported in the literature, addressing topics such as intrusion detection and prevention. This paper proposes an advanced anomaly detection framework for IoT networks expressed in several phases. In the first phase, data preprocessing is conducted using techniques like the Median-KS Test to remove noise, handle missing values, and balance datasets, ensuring a clean and structured input for subsequent phases. The second phase focuses on optimal feature selection using a Genetic Algorithm enhanced with eagle-inspired search strategies. This approach identifies the most significant features, reduces dimensionality, and enhances computational efficiency without sacrificing accuracy. In the final phase, an ensemble classifier combines the strengths of the Decision Tree, Random Forest, and XGBoost algorithms to achieve the accurate and robust detection of anomalous behaviors. This multi-step methodology ensures adaptability and scalability in handling diverse IoT scenarios. The evaluation results demonstrate the superiority of the proposed framework over existing methods. It achieves a 12.5% improvement in accuracy (98%), a 14% increase in detection rate (95%), a 9.3% reduction in false positive rate (10%), and a 10.8% decrease in false negative rate (5%). These results underscore the framework\u2019s effectiveness, reliability, and scalability for securing real-world IoT networks against evolving cyber threats.<\/jats:p>","DOI":"10.3390\/s25134098","type":"journal-article","created":{"date-parts":[[2025,6,30]],"date-time":"2025-06-30T12:10:31Z","timestamp":1751285431000},"page":"4098","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Securing IoT Communications via Anomaly Traffic Detection: Synergy of Genetic Algorithm and Ensemble Method"],"prefix":"10.3390","volume":"25","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0785-5151","authenticated-orcid":false,"given":"Behnam","family":"Seyedi","sequence":"first","affiliation":[{"name":"Department of Science, Instituto de Telecomunicacoes, ISCTE-University Institute of Lisbon, 1649-026 Lisbon, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5055-6347","authenticated-orcid":false,"given":"Octavian","family":"Postolache","sequence":"additional","affiliation":[{"name":"Department of Science, Instituto de Telecomunicacoes, ISCTE-University Institute of Lisbon, 1649-026 Lisbon, Portugal"}]}],"member":"1968","published-online":{"date-parts":[[2025,6,30]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"167","DOI":"10.1016\/j.iotcps.2023.12.003","article-title":"Machine learning techniques for IoT security: Current research and future vision with generative AI and large language models","volume":"4","author":"Alwahedi","year":"2024","journal-title":"Internet Things Cyber-Phys. Syst."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Mazhar, T., Talpur, D.B., Shloul, T.A., Ghadi, Y.Y., Haq, I., Ullah, I., and Ouahada, K. (2023). Analysis of IoT Security Challenges and Its Solutions Using Artificial Intelligence. Brain Sci., 13.","DOI":"10.3390\/brainsci13040683"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"686","DOI":"10.1109\/COMST.2018.2847722","article-title":"A detailed investigation and analysis of using machine learning techniques for intrusion detection","volume":"21","author":"Mishra","year":"2018","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"205","DOI":"10.1016\/j.dcan.2022.08.012","article-title":"Feature extraction for machine learning-based intrusion detection in IoT networks","volume":"10","author":"Sarhan","year":"2024","journal-title":"Digit. Commun. Netw."},{"key":"ref_5","first-page":"3753","article-title":"A Review on wide variety and heterogeneity of IoT platforms","volume":"12","author":"Kollolu","year":"2020","journal-title":"Int. J. Anal. Exp. Modal Anal. Anal."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"2735","DOI":"10.1007\/s10489-018-01408-x","article-title":"A new hybrid approach for intrusion detection using machine learning methods","volume":"49","year":"2019","journal-title":"Appl. Intell."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"345","DOI":"10.3390\/iot4030016","article-title":"Deep Autoencoder-Based Integrated Model for Anomaly Detection and Efficient Feature Extraction in IoT Networks","volume":"4","author":"Alaghbari","year":"2023","journal-title":"IoT"},{"key":"ref_8","first-page":"100549","article-title":"Machine learning enabled Industrial IoT Security: Challenges, Trends and Solutions","volume":"38","author":"Ni","year":"2024","journal-title":"J. Ind. Inf. Integr."},{"key":"ref_9","first-page":"101","article-title":"Intrusion detection using machine learning: A comparison study","volume":"118","author":"Biswas","year":"2018","journal-title":"Int. J. Pure Appl. Math."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Sarwar, A., Alnajim, A.M., Marwat, S.N.K., Ahmed, S., Alyahya, S., and Khan, W.U. (2022). Enhanced Anomaly Detection System for IoT Based on Improved Dynamic SBPSO. Sensors, 22.","DOI":"10.3390\/s22134926"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"108626","DOI":"10.1016\/j.compeleceng.2023.108626","article-title":"Anomaly based network intrusion detection for IoT attacks using deep learning technique","volume":"107","author":"Sharma","year":"2023","journal-title":"Comput. Electr. Eng."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Do, P.H., Dinh, T.D., Le, D.T., Pham, V.D., Myrova, L., and Kirichek, R. (2021, January 25\u201327). An Efficient Feature Extraction Method for Attack Classification in IoT Networks. Proceedings of the 2021 13th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), Brno, Czech Republic.","DOI":"10.1109\/ICUMT54235.2021.9631726"},{"key":"ref_13","first-page":"11","article-title":"Attack and anomaly detection in IoT networks using supervised machine learning approaches","volume":"35","author":"Tyagi","year":"2021","journal-title":"Rev. D\u2019Intell. Artif."},{"key":"ref_14","unstructured":"Priya, V., Thaseen, I.S., Gadekallu, T.R., Aboudaif, M.K., and Nasr, E.A. (2021). Robust attack detection approach for IIoT using ensemble classifier. arXiv."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Manzano, R., Goel, N., Zaman, M., Joshi, R., and Naik, K. (2022, January 26\u201329). Design of a machine learning based intrusion detection framework and methodology for iot networks. Proceedings of the 2022 IEEE 12th Annual Computing and Communication Workshop and Conference (CCWC), Las Vegas, NV, USA.","DOI":"10.1109\/CCWC54503.2022.9720857"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"9960","DOI":"10.1109\/JIOT.2021.3119055","article-title":"A novel intrusion detection method based on lightweight neural network for internet of things","volume":"9","author":"Zhao","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Xiao, Y., Feng, Y., and Sakurai, K. (2024). An Efficient Detection Mechanism of Network Intrusions in IoT Environments Using Autoencoder and Data Partitioning. Computers, 13.","DOI":"10.20944\/preprints202408.0945.v1"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"1716","DOI":"10.1109\/TCE.2023.3329253","article-title":"Artificial intelligence-based anomalies detection scheme for identifying cyber threat on IoT-based transport network","volume":"70","author":"Gupta","year":"2023","journal-title":"IEEE Trans. Consum. Electron."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Ullah, I., and Mahmoud, Q.H. (2019, January 11\u201314). A Two-Level Hybrid Model for Anomalous Activity Detection in IoT Networks. Proceedings of the 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA.","DOI":"10.1109\/CCNC.2019.8651782"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3543855","article-title":"An energy-efficient and trustworthy unsupervised anomaly detection framework (EATU) for IIoT","volume":"18","author":"Huang","year":"2022","journal-title":"ACM Trans. Sens. Netw."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Altulaihan, E., Almaiah, M.A., and Aljughaiman, A. (2024). Anomaly Detection IDS for Detecting DoS Attacks in IoT Networks Based on Machine Learning Algorithms. Sensors, 24.","DOI":"10.3390\/s24020713"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"3913","DOI":"10.1007\/s12652-022-04461-0","article-title":"A two-tier hybrid ensemble learning pipeline for intrusion detection systems in IoT networks","volume":"14","author":"Srivastav","year":"2023","journal-title":"J. Ambient Intell. Humaniz. Comput."},{"key":"ref_23","first-page":"8614903","article-title":"An intrusion detection system for the internet of things based on the ensemble of unsupervised techniques","volume":"2022","author":"Wang","year":"2022","journal-title":"Wirel. Commun. Mob. Comput."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"13241","DOI":"10.1007\/s11227-023-05197-0","article-title":"EIDM: Deep learning model for IoT intrusion detection systems","volume":"79","author":"Elnakib","year":"2023","journal-title":"J. Supercomput."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"1503","DOI":"10.30534\/ijeter\/2020\/05852020","article-title":"Handling of man-in-the-middle attack in wsn through intrusion detection system","volume":"8","author":"Mohapatra","year":"2020","journal-title":"Int. J. Emerg. Trends Eng. Res."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"104695","DOI":"10.1016\/j.trc.2024.104695","article-title":"End-to-end heterogeneous graph neural networks for traffic assignment","volume":"165","author":"Liu","year":"2024","journal-title":"Transp. Res. Part C Emerg. Technol."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"05024004","DOI":"10.1061\/JITSE4.ISENG-2264","article-title":"Graph neural network surrogate for seismic reliability analysis of highway bridge systems","volume":"30","author":"Liu","year":"2024","journal-title":"J. Infrastruct. Syst."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"68","DOI":"10.1080\/01621459.1951.10500769","article-title":"The Kolmogorov-Smirnov test for goodness of fit","volume":"46","author":"Massey","year":"1951","journal-title":"J. Am. Stat. Assoc."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"105","DOI":"10.1023\/A:1007515423169","article-title":"An empirical comparison of voting classification algorithms: Bagging, boosting, and variants","volume":"36","author":"Bauer","year":"1999","journal-title":"Mach. Learn."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Chen, T., and Guestrin, C. (2016, January 13\u201317). XGBoost: A Scalable Tree Boosting System. Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD \u201816), San Francisco, CA, USA.","DOI":"10.1145\/2939672.2939785"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1023\/A:1010933404324","article-title":"Random forests","volume":"45","author":"Breiman","year":"2001","journal-title":"Mach. Learn."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"81","DOI":"10.1007\/BF00116251","article-title":"Induction of decision trees","volume":"1","author":"Quinlan","year":"1986","journal-title":"Mach. Learn."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Sharma, A., and Babbar, H. (2024, January 24\u201326). Detecting Cyber Threats in Real-Time: A Supervised Learning Perspective on the CTU-13 Dataset. Proceedings of the 2024 5th International Conference for Emerging Technology (INCET), Belgaum, India.","DOI":"10.1109\/INCET61516.2024.10593100"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Alohali, M.A., Elsadig, M., Al-Wesabi, F.N., Al Duhayyim, M., Mustafa Hilal, A., and Motwakel, A. (2023). Enhanced Chimp Optimization-Based Feature Selection with Fuzzy Logic-Based Intrusion Detection System in Cloud Environment. Appl. Sci., 13.","DOI":"10.3390\/app13042580"},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"109","DOI":"10.1007\/s12046-020-1308-5","article-title":"Particle swarm optimization and feature selection for intrusion detection system","volume":"45","author":"Kunhare","year":"2020","journal-title":"S\u0101dhan\u0101"},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"13547","DOI":"10.1007\/s00500-019-03891-x","article-title":"An opposition-based social spider optimization for feature selection","volume":"23","author":"Ibrahim","year":"2019","journal-title":"Soft Comput."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"104752","DOI":"10.1016\/j.micpro.2022.104752","article-title":"SPA-IDS: An intelligent intrusion detection system based on vertical mode decomposition and iterative feature selection in computer networks","volume":"96","author":"Kilincer","year":"2023","journal-title":"Microprocess. Microsyst."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/25\/13\/4098\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,9]],"date-time":"2025-10-09T18:01:47Z","timestamp":1760032907000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/25\/13\/4098"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,30]]},"references-count":37,"journal-issue":{"issue":"13","published-online":{"date-parts":[[2025,7]]}},"alternative-id":["s25134098"],"URL":"https:\/\/doi.org\/10.3390\/s25134098","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,6,30]]}}}