Hybrid Meta-Heuristic Feature Selection Model for Network Traffic-Based Intrusion Detection in AIoT

With the advent of the sixth-generation wireless technology, the importance of using artificial intelligence of things (AIoT) devices is increasing to enhance efficiency. As massive volumes of data are collected and stored in these AIoT environments, each device becomes a potential attack target, leading to increased security vulnerabilities. Therefore, intrusion detection studies have been conducted to detect malicious network traffic. However, existing studies have been biased toward conducting in-depth analyses of individual packets to improve accuracy or applying flow-based statistical information to ensure real-time performance. Effectively responding to complex and multifaceted threats in large-scale AIoT environments is challenging. This study proposes a hybrid multivariate network traffic (HyMNeT) feature-based intrusion detection system that applies a hybrid meta-heuristic feature selection approach to create a secure and efficient AIoT environment. The HyMNeT system selects critical features by applying mutual information maximization (MIM) and the maximal information coefficient (MIC) based on statistical features of the network traffic flow and raw packet features. This system employs the reference vector-guided evolutionary algorithm to search for optimal thresholds that maximize MIM scores while minimizing MIC scores. An evaluation of the selected multivariate network traffic feature set using four machine learning models on the BoT-IoT and ToN-IoT datasets resulted in average accuracy, precision, recall, and F1-score values of 0.9844, 0.9897, 0.9844, and 0.9859, respectively. This work demonstrates that HyMNeT performs detection consistently and stably across all models.