MLSTL-WSN: Machine Learning-based Intrusion Detection using SMOTETomek in WSNs
Md. Alamin Talukder, Selina Sharmin, Md Ashraf Uddin, Md Manowarul Islam, Sunil Aryal
TL;DR
This paper presents a machine-learning-driven intrusion detection approach for Wireless Sensor Networks (WSNs) that addresses data imbalance by applying SMOTE-TomekLink (STL) resampling and uses feature standardization for robust training. Evaluated on the WSND-DS dataset with six classifiers (DT, RF, MLP, KNN, XGBoost, LightGBM), the method achieves state-of-the-art performance, notably 99.78% binary and 99.92% multiclass accuracy, with Random Forest typically delivering the best results. The work demonstrates that balancing techniques combined with ensemble methods significantly improve intrusion detection in resource-constrained WSNs, outperforming several prior studies. Its findings have practical implications for real-time, accurate DoS intrusion detection in WSNs, leveraging STL to mitigate class-imbalance issues without excessive false alarms. The authors also discuss computational considerations and propose avenues for future improvements, including feature selection and hierarchical or deep learning-based extensions.
Abstract
Wireless Sensor Networks (WSNs) play a pivotal role as infrastructures, encompassing both stationary and mobile sensors. These sensors self-organize and establish multi-hop connections for communication, collectively sensing, gathering, processing, and transmitting data about their surroundings. Despite their significance, WSNs face rapid and detrimental attacks that can disrupt functionality. Existing intrusion detection methods for WSNs encounter challenges such as low detection rates, computational overhead, and false alarms. These issues stem from sensor node resource constraints, data redundancy, and high correlation within the network. To address these challenges, we propose an innovative intrusion detection approach that integrates Machine Learning (ML) techniques with the Synthetic Minority Oversampling Technique Tomek Link (SMOTE-TomekLink) algorithm. This blend synthesizes minority instances and eliminates Tomek links, resulting in a balanced dataset that significantly enhances detection accuracy in WSNs. Additionally, we incorporate feature scaling through standardization to render input features consistent and scalable, facilitating more precise training and detection. To counteract imbalanced WSN datasets, we employ the SMOTE-Tomek resampling technique, mitigating overfitting and underfitting issues. Our comprehensive evaluation, using the WSN Dataset (WSN-DS) containing 374,661 records, identifies the optimal model for intrusion detection in WSNs. The standout outcome of our research is the remarkable performance of our model. In binary, it achieves an accuracy rate of 99.78% and in multiclass, it attains an exceptional accuracy rate of 99.92%. These findings underscore the efficiency and superiority of our proposal in the context of WSN intrusion detection, showcasing its effectiveness in detecting and mitigating intrusions in WSNs.