Research Project

Concept drift in IoT intrusion detection.

Final-year research on whether an IDS model still deserves trust once the traffic it sees starts to change.

Core problem Detection reliability under changing IoT traffic conditions.

Approach Drift-aware evaluation instead of one-off scoring.

Technical base Python, ML evaluation, network data analysis, security framing.

Role value Useful for teams that care whether detection still holds in practice.

Project view

This project asks a simple question: if network behaviour changes, can you still trust the intrusion detection model you trained earlier?

Research Shape

The core logic of the project.

01 Baseline

model trained on earlier traffic

02 Behaviour shifts

environment begins to move

03 Performance tested

drift impact measured

04 Trust question

does detection still hold

Basic overview

This project tests whether an intrusion detection model trained on earlier IoT traffic can still be trusted once network behaviour starts to change over time.

The aim was to measure the effect of concept drift on detection reliability and understand when declining model performance should trigger retraining or closer analyst review.

Research question

Most IDS studies stop at model accuracy on a fixed dataset. This project is interested in what happens when the environment itself moves and the model has to keep up.

What the project is testing

How IoT traffic evolution affects a model trained on earlier behaviour.
Whether the drift is gradual or sharp enough to undermine trust in the output.
What evaluation approach makes most sense when the target is operational security work.

Technical themes

Python Intrusion Detection IoT Security ML Evaluation Detection Reliability