In response to the escalating demand for robust security solutions in increasingly complex Internet of Things (IoT) networks, this study introduces an advanced Intrusion Detection System (IDS) leveraging both deep learning and active learning techniques. This research addresses the unique challenges posed by IoT environments, such as limited resources and diverse network components, which traditional security measures fail to adequately protect. Employing a BiLSTM model integrated with an active learning strategy, our approach achieved impressive results, including precision, recall, and F1-scores close to 1, and a total accuracy of 0.99. The inclusion of active learning enables the IDS to focus on the most informative data subsets, enhancing processing efficiency and reducing computational demands essential for IoT contexts. This method demonstrates significant promise for detecting sophisticated cyber threats and providing an effective tool for real-world applications. The performance of the proposed model has been rigorously validated on well-established cybersecurity datasets and through simulations in an IoT network environment, confirming its scalability and efficiency. Future work will address potential limitations such as computational demands and adaptability to diverse IoT device architectures, ensuring broader applicability and robustness of the IDS in varied IoT scenarios.

Internet of Things (IoT); Intrusion Detection System; Active Learning; Deep Learning; Bidirectional Long Short-Term Memory.

E. Ahmed, I. Yaqoob, I. A. T. Hashem, I. Khan, A. I. A. Ahmed, M. Imran, and A. V. Vasilakos, "The role of big data analytics in Internet of Things," Computer Networks, vol. 129, pp. 459-471, 2017.

H. Aldowah, S. U. Rehman, and I. Umar, "Security in Internet of Things: Issues, Challenges and Solutions," in Recent Trends in Data Science and Soft Computing: Proceedings of the 3rd International Conference of Reliable Information and Communication Technology (IRICT 2018), pp. 396-405, 2019.

R. Bhatt, S. Bhatt, and P. R. Ragiri, "Security trends in Internet of Things: a survey," SN Appl. Sci., vol. 3, no. 1, pp. 1–14, 2021, doi: 10.1007/s42452-021-04156-9.

O. I. Abiodun, E. O. Abiodun, M. Alawida, R. S. Alkhawaldeh, and H. Arshad, "A Review on the Security of the Internet of Things: Challenges and Solutions," Wireless Pers. Commun., vol. 119, no. 3, pp. 2603–2637, 2021, doi: 10.1007/s11277-021-08348-9.

S. Bharati and P. Podder, "Machine and Deep Learning for IoT Security and Privacy: Applications, Challenges, and Future Directions," arXiv preprint arXiv:2210.13547, 2022.

Y. Yue, S. Li, P. Legg, and F. Li, "Deep Learning-Based Security Behaviour Analysis in IoT Environments: A Survey," Secur. Commun. Netw., vol. 2021, no. 1, p. 8873195, 2021, doi: 10.1155/2021/8873195.

K. Yang, J. Ren, Y. Zhu, and W. Zhang, "Active Learning for Wireless IoT Intrusion Detection," arXiv preprint arXiv:1808.01412, 2018.

F. Hussain, R. Hussain, S. A. Hassan, and E. Hossain, "Machine Learning in IoT Security: Current Solutions and Future Challenges," arXiv preprint arXiv:1904.05735, 2019.

M. Zakariah and A. S. Almazyad, "Anomaly Detection for IOT Systems Using Active Learning," Appl. Sci., vol. 13, no. 21, pp. 12029, 2023, doi: 10.3390/app132112029.

S. Yin, W. Zhang, Y. Feng, Y. Xiang, and Y. Liu, "Automatic IoT device identification: a deep learning based approach using graphic traffic characteristics," Telecommun. Syst., vol. 83, no. 2, pp. 101–114, 2023, doi: 10.1007/s11235-023-01009-1.

A. Thakkar and R. Lohiya, "A Review on Machine Learning and Deep Learning Perspectives of IDS for IoT: Recent Updates, Security Issues, and Challenges," Arch. Comput. Methods Eng., vol. 28, no. 4, pp. 3211–3243, 2021, doi: 10.1007/s11831-020-09496-0.

R. Alghamdi and M. Bellaiche, "An ensemble deep learning based IDS for IoT using Lambda architecture," Cybersecurity, vol. 6, no. 1, pp. 1–17, 2023, doi: 10.1186/s42400-022-00133-w.

S. Revathi and A. Malathi, "A detailed analysis on NSL-KDD dataset using various machine learning techniques for intrusion detection," International Journal of Engineering Research & Technology (IJERT), vol. 2, no. 12, pp. 1848-1853, 2013.

N. Koroniotis, N. Moustafa, E. Sitnikova, and B. Turnbull, "Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-iot dataset," Future Generation Computer Systems, vol. 100, pp. 779-796, 2019.

C. Hazman, A. Guezzaz, S. Benkirane, and M. Azrour, "Toward an intrusion detection model for IoT-based smart environments," Multimed. Tools Appl., pp. 1–22, 2023, doi: 10.1007/s11042-023-16436-0.

S. Sapre, P. Ahmadi, and K. Islam, "A Robust Comparison of the KDDCup99 and NSL-KDD IoT Network Intrusion Detection Datasets Through Various Machine Learning Algorithms," arXiv preprint arXiv:1912.13204, 2019.

D. D. Kulkarni and R. K. Jaiswal, "An Intrusion Detection System Using Extended Kalman Filter and Neural Networks for IoT Networks," J. Netw. Syst. Manage., vol. 31, no. 3, pp. 1–40, 2023, doi: 10.1007/s10922-023-09748-x.

A. Khraisat and A. Alazab, "A critical review of intrusion detection systems in the internet of things: techniques, deployment strategy, validation strategy, attacks, public datasets and challenges," Cybersecurity, vol. 4, pp. 1-27, 2021.

A. Rosay, E. Cheval, M. Ghanmi, F. Carlier, and P. Leroux, "Study of Network IDS in IoT devices," SN Comput. Sci., vol. 4, no. 4, pp. 1–25, 2023, doi: 10.1007/s42979-023-01849-3.

L. Arnaboldi and C. Morisset, "A Review of Intrusion Detection Systems and Their Evaluation in the IoT," arXiv preprint arXiv:2105.08096, 2021.

Q.-V. Dang, "Active Learning for Intrusion Detection Systems," 2020 RIVF International Conference on Computing and Communication Technologies, pp. 1-3, 2020, doi: 10.1109/RIVF48685.2020.9140751.

B. Susilo and R. F. Sari, "Intrusion Detection in IoT Networks Using Deep Learning Algorithm," Information, vol. 11, no. 5, p. 279, 2020, doi: 10.3390/info11050279.

X. Yang, G. Peng, D. Zhang, and Y. Lv, "An Enhanced Intrusion Detection System for IoT Networks Based on Deep Learning and Knowledge Graph," Secur. Commun. Netw., vol. 2022, no. 1, p. 4748528, 2022, doi: 10.1155/2022/4748528.

S. A. Bakhsh, M. A. Khan, F. Ahmed, M. S. Alshehri, H. Ali, and J. Ahmad, "Enhancing IoT network security through deep learning-powered Intrusion Detection System," Internet of Things, vol. 24, p. 100936, 2023, doi: 10.1016/j.iot.2023.100936.

J. Zhang, X. Zhang, Z. Liu, F. Fu, Y. Jiao, and F. Xu, "A Network Intrusion Detection Model Based on BiLSTM with Multi-Head Attention Mechanism," Electronics, vol. 12, no. 19, p. 4170, 2023, doi: 10.3390/electronics12194170.

S. Sadhwani, M. A. H. Khan, R. Muthalagu, and P. M. Pawar, "BiLSTM-CNN Hybrid Intrusion Detection System for IoT Application," 2024, Jan. 03, doi: 10.21203/rs.3.rs-3820775/v1.

D. Shu, N. O. Leslie, C. A. Kamhoua, and C. S. Tucker, "Generative adversarial attacks against intrusion detection systems using active learning," WiseML '20: Proceedings of the 2nd ACM Workshop on Wireless Security and Machine Learning, Association for Computing Machinery, pp. 1-6, 2020, doi: 10.1145/3395352.3402618.

A. Dahou, M. Abd Elaziz, S. A. Chelloug, M. A. Awadallah, M. A. Al-Betar, M. A. A. Al-qaness, and A. Forestiero, "Intrusion Detection System for IoT Based on Deep Learning and Modified Reptile Search Algorithm," Comput. Intell. Neurosci., vol. 2022, no. 1, p. 6473507, 2022, doi: 10.1155/2022/6473507.

N. Moustafa, M. Keshk, E. Debie, and H. Janicke, "Federated TON_IoT Windows Datasets for Evaluating AI-based Security Applications," arXiv preprint arXiv:2010.08522, 2020.

Y. Yan, F. Liu, X. Zhuang, and J. Ju, "An R-Transformer_BiLSTM Model Based on Attention for Multi-label Text Classification," Neural Process. Lett., vol. 55, no. 2, pp. 1293–1316, 2023, doi: 10.1007/s11063-022-10938-y.

A. Mohapatra, N. Thota, and P. Prakasam, "Fake news detection and classification using hybrid BiLSTM and self-attention model," Multimed. Tools Appl., vol. 81, no. 13, pp. 18503–18519, 2022, doi: 10.1007/s11042-022-12764-9.

M. Liu and L. Yang, "IoT Network Traffic Analysis with Deep Learning," 2024 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops), pp. 184-189, 2024.

Y. Xiong, S. Dong, R. Liu, F. Shi, and X. Jing, "IoT network traffic classification: a deep learning method with Fourier transform-assisted hyperparameter optimization," Front. Phys., vol. 11, p. 1273862, 2023, doi: 10.3389/fphy.2023.1273862.

M. Santos. A Data Scientist’s Essential Guide to EDA | Towards Data Science. Medium, 2024.

Y. Dodge, “Exploratory Data Analysis,” The Concise Encyclopedia of Statistics, 2008, doi: 10.1007/978-0-387-32833-1_136.

S. Galli, "Feature scaling in machine learning: Standardization, MinMaxScaling and more...," Train in Data's Blog, 2023.

Dr. D. Guggenheim. The Mystery of Feature Scaling is Finally Solved. Towards Data Science, Medium, 2022.

J. Kim and N. Moon, "BiLSTM model based on multivariate time series data in multiple field for forecasting trading area," J. Ambient Intell. Hum. Comput., pp. 1–10, 2019, doi: 10.1007/s12652-019-01398-9.

R. Tchoua, A. Ajith, Z. Hong, L. Ward, K. Chard, D. Audus, and I. Foster, "Active learning yields better training data for scientific named entity recognition," in 2019 15th International Conference on eScience (eScience), pp. 126-135, 2019.

B. Sayin, E. Krivosheev, J. Yang, A. Passerini, and F. Casati, "A review and experimental analysis of active learning over crowdsourced data," Artif. Intell. Rev., vol. 54, no. 7, pp. 5283–5305, 2021, doi: 10.1007/s10462-021-10021-3.

V. Digalakis Jr, Y. Ma, P. Paschalidis, and D. Bertsimas, "Towards Stable Machine Learning Model Retraining via Slowly Varying Sequences," arXiv preprint arXiv:2403.19871, 2024.

I. Prapas, B. Derakhshan, A. R. Mahdiraji, and V. Markl, "Continuous Training and Deployment of Deep Learning Models," Datenbank. Spektrum., vol. 21, no. 3, pp. 203–212, 2021, doi: 10.1007/s13222-021-00386-8.

S. Raschka, "Model Evaluation, Model Selection, and Algorithm Selection in Machine Learning," arXiv preprint arXiv:1811.12808, 2018.

A. Panesar, "Evaluating Machine Learning Models," in Machine Learning and AI for Healthcare, 2021, doi: 10.1007/978-1-4842-6537-6_7.

F. Hussain, R. Hussain, S. A. Hassan, and E. Hossain, "Machine learning in IoT security: Current solutions and future challenges," IEEE Communications Surveys & Tutorials, vol. 22, no. 3, pp. 1686-1721, 2020.

N. Moustafa, "A new distributed architecture for evaluating AI-based security systems at the edge: Network TON_IoT datasets," Sustainable Cities and Society, vol. 72, p. 102994, 2021.

N. A. Hikal and M. M. Elgayar, "Enhancing IoT botnets attack detection using machine learning-IDS and ensemble data preprocessing technique," in Internet of Things—Applications and Future: Proceedings of ITAF 2019, pp. 89-102, 2020.

A. Tawakuli, D. Kaiser, and T. Engel, "Transforming IoT data preprocessing: A holistic, normalized and distributed approach," in Proceedings of the 20th ACM Conference on Embedded Networked Sensor Systems, pp. 1083-1088, Nov. 2022.

B. Deepa and K. Ramesh, "Epileptic seizure detection using deep learning through min max scaler normalization," Int J Health Sci (Qassim), pp. 10981-10996, 2022.

V. Păpăluță. What’s the best way to handle NaN values?. Towards Data Science, Medium, 2021.

A. Rácz, D. Bajusz, and K. Héberger, "Effect of dataset size and train/test split ratios in QSAR/QSPR multiclass classification," Molecules, vol. 26, no. 4, p. 1111, 2021.

H. Hino, "Active Learning: Problem Settings and Recent Developments," arXiv preprint arXiv:2012.04225, 2020.

R. Ghaeini, S. A. Hasan, V. Datla, J. Liu, K. Lee, A. Qadir, and O. Farri, "DR-BiLSTM: Dependent Reading Bidirectional LSTM for Natural Language Inference," arXiv preprint arXiv:1802.05577, 2018.

S. M. Nacer, B. Nadia, R. Abdelghani, and B. Mohamed, "A novel method for bearing fault diagnosis based on BiLSTM neural networks," Int. J. Adv. Manuf. Technol., vol. 125, no. 3, pp. 1477–1492, 2023, doi: 10.1007/s00170-022-10792-1.

D. P. Kingma and J. Ba, "Adam: A method for stochastic optimization," arXiv preprint arXiv:1412.6980, 2014.

G. Naidu, T. Zuva, and E. M. Sibanda, "A Review of Evaluation Metrics in Machine Learning Algorithms," Computer Science On-line Conference, pp. 15-25, 2023.

J. Brownlee, "How to Calculate Precision, Recall, and F-Measure for Imbalanced Classification," Machine Learning Mastery, vol. 1, 2020.

"Recall, Precision, F1 Score - Explication Simple Métrique en ML," Oct. 19, 2023.

GeeksforGeeks. F1 Score in Machine Learning. GeeksforGeeks, 2023.

M. Grandini, E. Bagli, and G. Visani, "Metrics for Multi-Class Classification: an Overview," arXiv preprint arXiv:2008.05756, 2020.

L. Ferrer, "Analysis and Comparison of Classification Metrics," arXiv preprint arXiv:2209.05355, 2022.

K. Abdelli, H. Griesser, C. Tropschug, and S. Pachnicke, "A BiLSTM-CNN based Multitask Learning Approach for Fiber Fault Diagnosis," arXiv preprint arXiv:2202.08034, 2022.

S. K. Challa, A. Kumar, and V. B. Semwal, "A multibranch CNN-BiLSTM model for human activity recognition using wearable sensor data," Vis. Comput., vol. 38, no. 12, pp. 4095–4109, 2022, doi: 10.1007/s00371-021-02283-3.

D. Yu, L. Wang, X. Chen, and J. Chen, “Using BiLSTM with attention mechanism to automatically detect self-admitted technical debt,” Frontiers of Computer Science, vol. 15, no. 4, p. 154208, 2021.

R. L. Abduljabbar, H. Dia, and P.-W. Tsai, "Development and evaluation of bidirectional LSTM freeway traffic forecasting models using simulation data," Sci. Rep., vol. 11, p. 23899, 2021, doi: 10.1038/s41598-021-03282-z.

R. Yacouby and D. Axman, "Probabilistic extension of precision, recall, and F1 score for more thorough evaluation of classification models," Proceedings of the first workshop on evaluation and comparison of NLP systems, pp. 79-91, 2020.

H. Peng, C. Wu, and Y. Xiao, "CBF-IDS: Addressing Class Imbalance Using CNN-BiLSTM with Focal Loss in Network Intrusion Detection System," Applied Sciences, vol. 13, no. 21, p. 11629, 2023.

T. S. Pooja and P. Shrinivasacharya, "Evaluating neural networks using Bi-Directional LSTM for network IDS (intrusion detection systems) in cyber security," Global Transitions Proceedings, vol. 2, no. 2, pp. 448-454, 2021.

M. D. Hossain, H. Inoue, H. Ochiai, D. Fall, and Y. Kadobayashi, "LSTM-based intrusion detection system for in-vehicle can bus communications," IEEE Access, vol. 8, pp. 185489-185502, 2020.

B. Ko, H. G. Kim, K. J. Oh, and H. J. Choi, "Controlled dropout: A different approach to using dropout on deep neural network," in 2017 IEEE International Conference on Big Data and Smart Computing (BigComp), pp. 358-362, Feb. 2017.

H. Pratiwi, A. P. Windarto, S. Susliansyah, R. R. Aria, S. Susilowati, L. K. Rahayu, and I. R. Rahadjeng, "Sigmoid activation function in selecting the best model of artificial neural networks," in Journal of Physics: Conference Series, vol. 1471, no. 1, p. 012010, 2020.