Abstract
The rapid development of the Internet of Things (IoT) has exposed its networks to increasingly complex and novel cyberattacks. As a result, reliable anomaly detection has become a serious challenge. This paper presents HADES-IoT, a hybrid anomaly detection framework that combines self-supervised representation learning with ensemble intelligence to safeguard IoT networks. The architecture comprises a deep autoencoder for self-supervised feature embedding, a LightGBM classifier for supervised decision learning, and an Isolation Forest for unsupervised anomaly detection. On the publicly available TON_IoT dataset, HADES-IoT achieved nearly perfect results, attaining a ROC-AUC of 0.9998, a PR-AUC of 0.9999, and an overall accuracy of 99.85%. The framework shows strong generalization to unseen traffic patterns, and SHAP-based explainability demonstrates that packet-level features, flow-derived features, and a few of the latent autoencoder components are the most influential in anomaly detection. The zero-day simulations, in turn, underscore HADES-IoT's ability to detect previously unseen attacks by using the unsupervised embeddings. The proposed system can provide a hybrid defense strategy that is scalable, interpretable, and suitable for future IoT infrastructures.