The Internet of Things (IoT) generates high-volume network traffic that is heterogeneous and highly imbalanced, creating a critical need for intrusion detection systems (IDS) that remain accurate under resource-constrained edge gateways. This study presents an optimized gradient-boosting IDS framework evaluated on the CICIoT2023 benchmark. The pipeline integrates stratified undersampling to mitigate class imbalance and gain-based feature selection to remove redundant flow attributes. We evaluate the framework across three tasks: binary detection, 8-class attack-family classification, and 34-class fine-grained classification. Across all tasks, the evaluated models achieved strong detection performance with low inference latency; specifically, XGBoost attained 99.61% accuracy and a 0.995 macro-F1 score in binary detection with 0.355 µs/sample inference time. Feature selection reduced the input space from 46 to 23 dimensions, and an ablation study showed that this reduction decreased inference latency by 30–51% and training time by 33–40% while keeping accuracy variation within ± 0.014% points. These results indicate an accuracy–efficiency trade-off suitable for real-time deployment. All datasets, code, and results are publicly available to facilitate reproducibility.
Almahaqeri et al. (Sat,) studied this question.