Lightweight and Flexible Intrusion Detection System to Protect Industrial IoT Settings: Using a Mixed AI Strategy
S. Mythily, Research Scholar, Department of Computer Science, Vels Institute of Science, Technology & Advanced Studies (VISTAS), Chennai, Tamil Nadu, India. Email: mythilysar1@gmail.com. ORCID: 0009-0000-1684-5073
Dr. C. Meenakshi, Associate Professor, Department of Computer Application, Vels Institute of Science, Technology & Advanced Studies (VISTAS), Chennai, Tamil Nadu, India. Email: cmeenakshi.scs@velsuniv.ac.in. ORCID: 0000-0002-9020-6031
The increasing exposure of Industrial Control Systems (ICS) and Industrial Internet of Things (IIoT) environments to cyber threats stems from the proliferation of obsolete industrial protocols, limited computational capabilities, and the growing integration of Information Technology (IT) and Operational Technology (OT) environments. Conventional intrusion detection systems perform poorly in such environments because they are not protocol-aware, are computationally expensive, and cannot operate under strict real-time requirements. To overcome these issues, this paper proposes a flexible and lightweight hybrid intrusion detection system designed specifically for industrial networks. The proposed system integrates protocol-aware rule-based detection with machine-learning-based anomaly detection to detect both known and unknown cyberattacks. It uses deep packet inspection and time-based statistical feature extraction to capture the behavior of industrial traffic, and applies model optimization so that it can be deployed effectively on resource-constrained edge devices. The system is evaluated on NSL-KDD, UNSW-NB15, and custom Modbus-TCP data, with real and realistic industrial conditions produced by a simulated SCADA environment. Experimental results demonstrate that the proposed hybrid intrusion detection system achieves a detection accuracy of 98.6%, with a low false positive rate of 1.4%, significantly outperforming standalone rule-based and machine-learning approaches. Precision, recall, and F1-score consistently exceed 97%, confirming reliable intrusion identification. Moreover, the system has a mean detection latency of less than 8 ms, which meets the real-time requirements of industrial monitoring.
Finally, the proposed hybrid IDS offers a balance of high detection rates, protocol sensitivity, and low computational cost, which makes it a feasible, scalable security tool for real-life ICS and IIoT deployments.
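The two-stage idea in the abstract (protocol-aware rules over inspected Modbus-TCP frames, plus an anomaly score over time-windowed statistics) can be sketched as follows. This is an added illustration, not the authors' implementation: the allowed function-code set, the one-second window, the z-score threshold and all function names are assumptions, and a z-score stands in for the paper's machine-learning model.

```python
import struct
from statistics import mean, pstdev

# Assumption: only read function codes are permitted on this hypothetical segment.
ALLOWED_FUNCTION_CODES = {1, 2, 3, 4}

def parse_modbus_tcp(frame: bytes):
    """Deep packet inspection of one Modbus-TCP ADU (MBAP header + function code)."""
    if len(frame) < 8:
        return None
    tid, proto, length, unit, fc = struct.unpack(">HHHBB", frame[:8])
    # MBAP length counts the unit id plus the PDU: everything after byte 6.
    if proto != 0 or length != len(frame) - 6:
        return None
    return {"tid": tid, "unit": unit, "fc": fc}

def rule_alerts(frame: bytes):
    """Rule stage: flag malformed headers and disallowed function codes."""
    pkt = parse_modbus_tcp(frame)
    if pkt is None:
        return ["malformed MBAP header"]
    if pkt["fc"] not in ALLOWED_FUNCTION_CODES:
        return [f"function code {pkt['fc']} not allowed"]
    return []

def window_counts(events, window=1.0):
    """Time-based feature: number of requests in each fixed-size window."""
    counts = {}
    for ts, _ in events:
        key = int(ts // window)
        counts[key] = counts.get(key, 0) + 1
    return counts

def anomaly_windows(baseline, counts, threshold=3.0):
    """Anomaly stage: windows whose request count deviates from the baseline."""
    mu, sigma = mean(baseline), pstdev(baseline) or 1.0
    return sorted(w for w, c in counts.items() if abs(c - mu) / sigma > threshold)

def hybrid_detect(events, baseline):
    rules = [(ts, alert) for ts, frame in events for alert in rule_alerts(frame)]
    return rules, anomaly_windows(baseline, window_counts(events))

def make_frame(tid, fc, payload=b"\x00\x00\x00\x01", unit=1):
    """Build a well-formed frame for the constructed sample traffic below."""
    return struct.pack(">HHHBB", tid, 0, len(payload) + 2, unit, fc) + payload

# Constructed sample data: baseline requests per second, then a capture with one
# write request (function code 6) at t=1.2 and a burst of 30 reads in window 2.
BASELINE = [2, 2, 3, 2, 2, 3, 2, 2]
EVENTS = [(0.1, make_frame(1, 3)), (0.6, make_frame(2, 3)), (1.2, make_frame(3, 6))]
EVENTS += [(2.0 + i * 0.02, make_frame(10 + i, 3)) for i in range(30)]

if __name__ == "__main__":
    print(hybrid_detect(EVENTS, BASELINE))
```

The rule stage catches the disallowed write even though its window looks statistically normal, while the anomaly stage catches the read burst that no rule forbids, which is the complementary coverage the hybrid design relies on.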