Open Access

ARTICLE

Transfer Learning-Based Approach with an Ensemble Classifier for Detecting Keylogging Attack on the Internet of Things

Yahya Alhaj Maz¹, Mohammed Anbar¹, Selvakumar Manickam^1,*, Mosleh M. Abualhaj², Sultan Ahmed Almalki³, Basim Ahmad Alabsi⁴

1 Cybersecurity Research Center (CYRES), Universiti Sains Malaysia (USM), Penang, 11800, Malaysia
2 Department of Networks and Cybersecurity, Al-Ahliyya Amman University, Amman, 19328, Jordan
3 Computer Department, Applied College, Najran University, Najran, 66462, Saudi Arabia
4 Department of Cyber Security, Middle East University, Amman, 11831, Jordan

* Corresponding Author: Selvakumar Manickam. Email:

(This article belongs to the Special Issue: Towards Privacy-preserving, Secure and Trustworthy AI-enabled Systems)

Computers, Materials & Continua 2025, 85(3), 5287-5307. https://doi.org/10.32604/cmc.2025.068257

Received 24 May 2025; Accepted 19 August 2025; Issue published 23 October 2025

Abstract

The Internet of Things (IoT) is an innovation that combines imagined space with the actual world on a single platform. Because of the recent rapid rise of IoT devices, there has been a lack of standards, leading to a massive increase in unprotected devices connecting to networks. Consequently, cyberattacks on IoT are becoming more common, particularly keylogging attacks, which are often caused by security vulnerabilities on IoT networks. This research focuses on the role of transfer learning and ensemble classifiers in enhancing the detection of keylogging attacks within small, imbalanced IoT datasets. The authors propose a model that combines transfer learning with ensemble classification methods, leading to improved detection accuracy. By leveraging the BoT-IoT and keylogger_detection datasets, they facilitate the transfer of knowledge across various domains. The results reveal that the integration of transfer learning and ensemble classifiers significantly improves detection capabilities, even in scenarios with limited data availability. The proposed TRANS-ENS model showcases exceptional accuracy and a minimal false positive rate, outperforming current deep learning approaches. The primary objectives include: (i) introducing an ensemble feature selection technique to identify common features across models, (ii) creating a pre-trained deep learning model through transfer learning for the detection of keylogging attacks, and (iii) developing a transfer learning-ensemble model dedicated to keylogging detection. Experimental findings indicate that the TRANS-ENS model achieves a detection accuracy of 96.06% and a false alarm rate of 0.12%, surpassing existing models such as CNN, RNN, and LSTM.

---

Keywords

---