Cluster-based wireless sensor network framework for denial-of-service attack detection based on variable selection ensemble machine learning algorithms

A Cluster-Based Wireless Sensor Network (CBWSN) is a system designed to remotely control and monitor specific events or phenomena in areas such as smart grids, intelligent healthcare, circular economies in smart cities, and underwater surveillance. The wide range of applications of technology in almost every field of human activity exposes it to various security threats from cybercriminals. One of the pressing concerns that requires immediate attention is the risk of security breaches, such as intrusions in wireless sensor network traffic. Poor detection of denial-of-service (DoS) attacks, such as Grayhole, Blackhole, Flooding, and Scheduling attacks, can deplete the energy of sensor nodes. This can cause certain sensor nodes to fail, leading to a degradation in network coverage or lifetime. The detection of such attacks has resulted in significant computational complexity in the related works. As new threats arise, security attacks get more sophisticated, focusing on the target system's vulnerabilities. This paper proposed the development of Cluster-Based Wireless Sensor Network and Variable Selection Ensemble Machine Learning Algorithms (CBWSN_VSEMLA) as a security threats detection system framework for DoS attack detection. The CBWSN model is designed using a Fuzzy C-Means (FCM) clustering technique, whereas VSEMLA is a detection system comprised of Principal Component Analysis (PCA) for feature selection and various ensemble machine learning algorithms (Bagging, LogitBoost, and RandomForest) for the detection of grayhole attacks, blackhole attacks, flooding attacks, and scheduling attacks. The experimental results of the model performance and complexity comparison for DoS attack evaluation using the WSN-DS dataset show that the PCA_RandomForest IDS model outperforms with 99.999 % accuracy, followed by the PCA_Bagging IDS model with 99.78 % accuracy and the PCA_LogitBoost model with 98.88 % accuracy. However, the PCA_RandomForest model has a high computational complexity, taking 231.64 s to train, followed by the PCA_LogitBoost model, which takes 57.44 s to train, and the PCA_Bagging model, which takes 0.91 s to train to be the best in terms of model computational complexity. Thus, the models surpassed all baseline models in terms of model detection accuracy on flooding, scheduling, grayhole, and blackhole attacks.