Sage Journals: Discover world-class research

Abstract

Smart farming systems, while enhancing agricultural productivity, are increasingly vulnerable to cyber threats due to their reliance on interconnected devices and networks. However, existing Intrusion Detection Systems (IDS) often suffer from high computational costs and suboptimal detection accuracy due to irrelevant features. To address this challenge, this study proposes a novel hybrid filter-based feature selection method designed to optimize feature selection for artificial neural network (ANN)-based IDS in smart farming environments. Unlike conventional methods that rely solely on chi-square, mutual information, or mean absolute deviation, the proposed method combines these techniques to leverage their complementary strengths. Furthermore, a comprehensive smart farming system was established to collect extensive data, creating a dedicated dataset named Smart-Farm-IDS for binary classification, distinguishing between normal operations and anomalies. Both shallow and deep ANN models were employed to detect these anomalies, with their performances compared in detail. Experimental results demonstrate that the proposed hybrid feature selection method enhances detection accuracy while reducing computational overhead compared to existing methods. This study offers a robust approach for improving the security and resilience of smart farming systems, providing a foundation for more secure agricultural operations.

Keywords

anomaly detection artificial neural network hybrid feature selection precision agriculture smart farming

1. Introduction

Smart farming systems have revolutionized modern agriculture in terms of productivity, sustainability, and efficiency by integrating advanced technologies such as the Internet of Things (IoT), sensors, and automated control systems (Dagar et al. 2018; Doshi et al., 2019). However, the increasing complexity, interconnectedness, and internet-connected operation for remote control of these digital ecosystems make smart farming systems vulnerable to various cyber threats (Farooq et al., 2019; Wei et al., 2024). Cyberattacks targeting these systems can cause significant disruptions, data breaches, and even physical damage to critical agricultural infrastructure. Therefore, protecting the security and integrity of smart farming systems has become a crucial priority for both researchers and practitioners.

Intrusion detection has been extensively studied in the context of computer networks, with numerous approaches proposed to enhance detection accuracy and efficiency, mitigating potential cyber threats in smart systems. For instance, support vector machine (SVM) models optimized using particle swarm optimization (PSO) have demonstrated improved attack detection, especially when combined with feature selection methods like chi-square (CS) (Upendran and Gopinath, 2020). Other studies have highlighted the challenges of detecting network attacks due to the evolving nature of threats and the need for large datasets. To address these, AdaBoost-based decision tree models have been employed, leveraging correlation-based feature selection to enhance detection performance (Ahmad et al., 2022). Deep neural network (DNN)-based models have also been explored, using XGBoost for feature selection to boost classification accuracy, outperforming traditional methods such as Logistic Regression and SVM (Devan and Khare, 2020). Random forest-based systems have further improved classification by maintaining multiclass attack categories and applying feature selection through correlation coefficients (Iwendi et al., 2020). Finally, advanced methods like long short-term memory (LSTM)-based models, employing principal component analysis (PCA) for feature engineering, have shown superior results for both binary and multiclass classifications (Laghrissi et al., 2021). These studies collectively highlight the ongoing advancements in intrusion detection for computer networks.

In the realm of IoT networks, intrusion detection has gained significant attention due to the widespread deployment of IoT devices across various sectors. To enhance detection performance, various machine learning and optimization techniques have been explored. For instance, one study demonstrated the use of multiple machine-learning algorithms, including artificial neural network (ANN), Random Forest, and SVM, for attack detection, with SVM achieving the highest accuracy (Sajja et al., 2021). Moreover, tree-based models such as XGBoost and Classification and Regression Trees have shown an optimal balance of accuracy and response time for detecting Denial-of-Service (DoS) attacks in IoT networks (Verma and Ranga, 2020). Additionally, intrusion detection for industrial IoT has also been addressed using XGBoost, achieving high performance on imbalanced datasets (Le et al., 2022). Furthermore, Firefly algorithm has been employed to optimize the parameters of the XGBoost classifier, significantly improving classification accuracy compared to standard optimization methods (Zivkovic et al., 2022). Finally, feature extraction techniques, including Autoencoders, Deep Autoencoders, and Stacked Autoencoders, have further enhanced Intrusion Detection Systems (IDSs), with Deep Autoencoders providing superior results in a DNN-based model (Kunang et al., 2021). These studies collectively highlight the advancements in intrusion detection for IoT networks.

As the focus shifts from general computer networks and IoT environments to the more specialized domain of smart farming, intrusion detection faces unique challenges. In smart farming systems, where IoT devices are widely used for monitoring and automation, the security of both the network and physical layers becomes critical. Several studies have explored intrusion detection specifically tailored to the unique characteristics of smart farming networks. For instance, an IDS designed for agricultural IoT networks demonstrated effective binary attack classification using SVM, Random Forest, and Logistic Regression, with SVM achieving the highest accuracy (Raghuvanshi et al., 2022). Another study compared deep learning techniques, including convolutional neural network (CNN), DNN, and recurrent neural networks (RNNs), with CNN achieving superior performance (Attack et al. 2021). Another framework combined CNN with transfer learning and utilized the Black Kite Algorithm (BKA) for hyperparameter optimization, with extremely randomized trees (ET) used for feature extraction (Zhou et al., 2025). Additionally, CNN-based model optimized with the wild horse optimization (WHO) algorithm effectively detected Distributed DoS attacks in smart farming networks, with bi-gated recurrent unit (Bi-GRU) employed for dimensionality reduction (Kethineni and Pradeepini, 2024). These studies collectively demonstrate the adaptation of diverse machine learning techniques to enhance the security of smart farming systems.

As detailed in Section 2, many existing intrusion detection studies rely heavily on a limited set of publicly available datasets and primarily focus on network-layer attacks. Although numerous solutions have been developed to mitigate cyberattacks in smart farming networks, challenges remain, particularly in handling high-dimensional feature spaces and computational overhead. In smart farming systems, it is essential to detect anomalies and cyberattacks both quickly and accurately (Javeed et al., 2024). Feature selection plays a vital role in accelerating detection tasks by reducing the number of input features, thereby simplifying the model architecture and improving performance (Kwak and Choi, 2002; Shivhare and (Nigam) Saxena, 2021). Consequently, feature selection is a critical step in the development of effective IDSs. In this study, a hybrid feature selection method is proposed for an ANN-based IDS to identify cyberattacks and anomalies in smart farming environments. Additionally, a comprehensive smart farming testbed was established, and data were collected from realistic scenarios to create a domain-specific dataset named Smart-Farm-IDS: Smart Farming Intrusion Detection System Dataset. This dataset supports binary classification, distinguishing between normal behavior and potential anomalies or attacks. Unlike publicly available datasets, Smart-Farm-IDS dataset focuses on the physical layer security of agricultural systems rather than being network-based, where sensor tampering, signal interference, unauthorized sensor manipulation, or spoofing can severely impact crop production and system operations. Both shallow and deep ANN models were employed to perform detection, and their performance was compared to determine the most effective model. The proposed hybrid feature selection technique integrates the strengths of multiple existing methods, including CS, mutual information (MI), and MAD, to enhance detection speed and efficiency. The findings aim to strengthen the security and resilience of smart farming systems. The main contributions of this research are as follows:

Proposed a hybrid feature selection method that leverages the strengths of existing methods such as CS, MI, and MAD for an ANN-based IDS to enhance the anomaly detection time performance of the model in smart farming systems.

Designed and implemented a comprehensive smart farming system and collected extensive data under realistic operational scenarios to create a domain-specific dataset.

Created a binary classification dataset named Smart-Farm-IDS with 15 features and 172,800 data samples, distinguishing between normal operations and potential cyberattacks or anomalies, with a focus on the physical layer security of smart farming systems.

Implemented and compared both shallow and deep ANN models to identify cyberattacks and anomalies, systematically analyzing the effects of hybrid feature selection methods on both models.

The rest of this paper is organized as follows: Section 2 outlines the related works. Section 3 covers the setup of the smart farming system, data collection, and dataset creation processes. Section 4 represents the data preprocessing procedures. Section 5 summarizes the methodology of the shallow and deep ANN models developed for anomaly detection and outlines the proposed hybrid feature selection method along with existing feature selection methods. Section 6 provides the experimental results and analysis of the classification performance of shallow and deep ANN models using the proposed feature selection approaches. Finally, Section 7 includes a summary of the findings and directions for future research in the conclusion.

2. Related work

Numerous IDSs which are summarized in Table 1 have recently been developed to enhance the security of smart farming systems. These IDSs are designed to detect binary attacks, multiclass attacks, or both. For example, Raghuvanshi et al. (2022) proposed an IDS for classifying binary attacks on IoT networks in agricultural environments, evaluated using the NSL-KDD dataset. The system applied preprocessing steps such as converting categorical features to numerical values and feature extraction via PCA, followed by classification using SVM, Random Forest, and Logistic Regression. Among these, the SVM model achieved the highest accuracy of over 98%, while the others performed below 78%. Similarly, El-Ghamry et al. (2023) developed an IDS using deep learning techniques, also based on the NSL-KDD dataset. Feature selection was conducted using recursive feature elimination (RFE), and selected features were transformed into square-shaped color images to suit CNN architectures. Among the tested CNN models such as VGG16, Inception, and Xception, the VGG16 demonstrated superior performance. Mohy-eddine et al. (2024) introduced an IDS using a radial basis function neural network (RBFNN) to detect network intrusions in smart farming systems. Feature selection was optimized using machine learning techniques such as LightGBM, Random Forest, AdaBoost, XGBoost, and Extra Trees, while outlier detection employed a one-class SVM. The system was validated on the NF-ToN-IoT and NF-Bot-IoT datasets, achieving 99.25% accuracy with an 82.97% Matthews correlation coefficient (MCC), and 96.92% accuracy with a 90.05% MCC, respectively. Furthermore, Prakash et al. (2025) proposed an improved multiview graph convolutional network (IMGCN) for intrusion detection in IoT-based smart farming. Their method used data from the NF-Bot-IoT dataset, addressed class imbalance with the synthetic minority over-sampling technique, and applied RFE in the feature selection step to remove noisy or irrelevant data. The IMGCN model achieved superior results compared to a traditional multilayer perceptron, with 93.25% accuracy, 92.23% precision, and a 91.78% F1-score.

Table 1.
Summary of the related works for intrusion detection systems targeting smart farming systems.

Author Year Classification model Feature engineering method Dataset Evaluation metric Classification type Timing analysis Cross-validation

Ferrag et al. (2021) 2021 CNN ✗ CIC-DDoS2019, TON_IoT Accuracy, precision, F1-score, recall Multiclass and binary ✓ ✗

Raghuvanshi et al. (2022) 2022 SVM PCA NSL-KDD Accuracy, precision, recall Binary ✗ ✗

Friha et al. (2022) 2022 FELIDS ✗ CSE-CIC-IDS2018, MQTTset, and InSDN. Accuracy, recall, precision, F1-score Multiclass ✗ ✗

El-Ghamry et al. (2023) 2023 VGG16 ✗ NSL-KDD Accuracy, recall, precision, F1-score Binary ✗ ✗

Kethineni and Pradeepini (2024) 2023 CNN Bi-GRU ToN-IoT, APA-DDoS Accuracy, detection rate, precision, F1-score, ROC Multiclass ✓ ✗

Mohy-eddine et al. (2024) 2024 RBFNN LightGBM, random forest, XGBoost, Extra Trees, AdaBoost NF-ToN-IoT, NF-Bot-IoT Accuracy, MCC Binary ✗ ✓

Aburasain (2024) 2024 EBWO-HDLID BES ToN-IoT, Edge-IIoTset Accuracy, recall, precision, F1-score Multiclass ✗ ✓

Aburasain and Balobaid (2024) 2024 VGG19 PCC ToN-IoT, NSL-KDD Accuracy, recall, precision, F1-score Multiclass ✗ ✗

Zidi et al. (2024) 2024 KELM DKPLS X-IIoTID accuracy, recall, specificity, F1-score Multiclass and Binary ✓ ✗

Wei et al. (2024) 2024 CatBoost SHAP Ton_IoT Accuracy, recall, precision, F1-score, FPR Binary and Multiclass ✗ ✗

Prakash et al. (2025) 2025 IMGCN RFE NF-Bot-IoT Accuracy, precision, F1-score Binary ✗ ✗

Zhou et al. (2025) 2025 CBCTL-IDS ET ToN-IoT, Edge-IIoTset, WSN-DS Accuracy, recall, precision, F1-score Multiclass ✓ ✓

Ferreira et al. (2025) 2025 DNN and Random Forest ✓ Farm-Flow accuracy, recall, precision, F1-score Binary and Multiclass ✗ ✗

This Paper — Shallow and Deep ANN Hybrid (CS + MI +MAD) Smart-Farm-IDS Accuracy, recall, precision, F1-score Binary ✓ ✓

Author	Year	Classification model	Feature engineering method	Dataset	Evaluation metric	Classification type	Timing analysis	Cross-validation
Ferrag et al. (2021)	2021	CNN	✗	CIC-DDoS2019, TON_IoT	Accuracy, precision, F1-score, recall	Multiclass and binary	✓	✗
Raghuvanshi et al. (2022)	2022	SVM	PCA	NSL-KDD	Accuracy, precision, recall	Binary	✗	✗
Friha et al. (2022)	2022	FELIDS	✗	CSE-CIC-IDS2018, MQTTset, and InSDN.	Accuracy, recall, precision, F1-score	Multiclass	✗	✗
El-Ghamry et al. (2023)	2023	VGG16	✗	NSL-KDD	Accuracy, recall, precision, F1-score	Binary	✗	✗
Kethineni and Pradeepini (2024)	2023	CNN	Bi-GRU	ToN-IoT, APA-DDoS	Accuracy, detection rate, precision, F1-score, ROC	Multiclass	✓	✗
Mohy-eddine et al. (2024)	2024	RBFNN	LightGBM, random forest, XGBoost, Extra Trees, AdaBoost	NF-ToN-IoT, NF-Bot-IoT	Accuracy, MCC	Binary	✗	✓
Aburasain (2024)	2024	EBWO-HDLID	BES	ToN-IoT, Edge-IIoTset	Accuracy, recall, precision, F1-score	Multiclass	✗	✓
Aburasain and Balobaid (2024)	2024	VGG19	PCC	ToN-IoT, NSL-KDD	Accuracy, recall, precision, F1-score	Multiclass	✗	✗
Zidi et al. (2024)	2024	KELM	DKPLS	X-IIoTID	accuracy, recall, specificity, F1-score	Multiclass and Binary	✓	✗
Wei et al. (2024)	2024	CatBoost	SHAP	Ton_IoT	Accuracy, recall, precision, F1-score, FPR	Binary and Multiclass	✗	✗
Prakash et al. (2025)	2025	IMGCN	RFE	NF-Bot-IoT	Accuracy, precision, F1-score	Binary	✗	✗
Zhou et al. (2025)	2025	CBCTL-IDS	ET	ToN-IoT, Edge-IIoTset, WSN-DS	Accuracy, recall, precision, F1-score	Multiclass	✓	✓
Ferreira et al. (2025)	2025	DNN and Random Forest	✓	Farm-Flow	accuracy, recall, precision, F1-score	Binary and Multiclass	✗	✗
This Paper	—	Shallow and Deep ANN	Hybrid (CS + MI +MAD)	Smart-Farm-IDS	Accuracy, recall, precision, F1-score	Binary	✓	✓

In addition to binary attack detection, several IDSs have been developed specifically for multiclass attack detection in smart farming environments. For instance, Friha et al. (2022) introduced FELIDS, a federated learning-based IDS aimed at enhancing the security of agricultural IoT infrastructures while preserving data privacy. FELIDS trains deep learning models, including DNN, CNN, and RNN, locally on devices, sharing only model updates with a central server for aggregation. Evaluated on the CSE-CIC-IDS2018, MQTTset, and InSDN datasets, FELIDS outperformed traditional centralized approaches in terms of both detection accuracy and privacy preservation. Similarly, Kethineni and Pradeepini (2024) proposed an IDS for detecting Distributed DoS attacks in smart farming networks. The system preprocesses data using normalization and label encoding, followed by dimensionality reduction using a Bi-GRU. A CNN model then classifies the attacks, and its accuracy is further enhanced by the WHO algorithm which is a metaheuristic inspired by the social behavior of wild horses. This model achieved 99.35% accuracy on the APA-DDoS-Attack dataset and 99.71% on the ToN-IoT dataset. Additionally, Aburasain (2024) proposed the EBWO-HDLID method, which integrates enhanced black widow optimization (EBWO) with a hybrid deep learning classification model for intrusion detection in IoT-enabled smart farming. The system uses the bald eagle search (BES) algorithm for feature selection and EBWO for tuning the hybrid model's parameters. Experimental results on the ToN-IoT and Edge-IIoTset datasets demonstrated strong performance in detecting various types of intrusions, highlighting the method's effectiveness in securing smart agricultural systems.

Other recent studies have also focused on multiclass intrusion detection in smart farming systems. For instance, Aburasain and Balobaid (2024) proposed a hybrid deep learning-enabled IDS with PSO tailored for IoT-based agriculture. This system incorporates preprocessing and feature selection, followed by classification using a hybrid deep learning model based on VGG19 and transfer learning. PSO is employed to fine-tune the model's hyperparameters. The approach was validated using the ToN-IoT and NSL-KDD datasets, demonstrating high accuracy in detecting diverse cyber threats. Similarly, Zhou et al. (2025) introduced CBCTL-IDS, a novel IDS that integrates CNN with transfer learning and BKA for hyperparameter optimization. The system also includes a confidence averaging mechanism to improve prediction robustness and uses ET for feature extraction. Evaluations conducted on the ToN-IoT, Edge-IIoTset, and WSN-DS datasets revealed that CBCTL-IDS consistently achieved detection accuracies above 99%, outperforming conventional methods.

Several studies have addressed IDSs capable of handling both binary and multiclass classification in smart agriculture. In one of these studies, Ferrag et al. (2021) conducted a comparative analysis of deep learning techniques, including CNN, DNN, and RNN, using the CIC-DDoS2019 and ToN-IoT datasets. Their results showed that the CNN-based IDS outperformed other models in both classification types. Similarly, Zidi et al. (2024) proposed a kernel extreme learning machine (KELM)-based IDS architecture to safeguard IoT networks in smart farming. Their two-phase model first used the downsized kernel partial least squares (DKPLS) algorithm for feature extraction and dimensionality reduction, followed by classification with KELM. The approach achieved high performance on the X-IIoTID dataset. In another study, Wei et al. (2024) introduced a CatBoost-based IDS, targeting the physical layer of smart agriculture. Evaluated on the ToN-IoT dataset, the model achieved outstanding binary classification results with 99.94% accuracy, 99.88% precision, and 99.88% recall, and it also outperformed other models in multiclass detection. Additionally, Ferreira et al. (2025) developed a custom IDS for agricultural IoT environments, supported by a newly created dataset named Farm-Flow. This dataset included over one million instances and eight types of attacks. Evaluation results showed that the DNN model performed best in binary classification, while the random forest model excelled in multiclass classification.

Despite the significant progress in IDSs for smart agriculture, several key challenges remain unaddressed. A major limitation across many existing studies is the heavy reliance on a small number of publicly available datasets, such as NSL-KDD, ToN-IoT, and NF-Bot-IoT. These datasets, while useful, often lack the specificity, diversity, and realism needed to fully reflect the complexities of real-world agricultural environments, leading to potential issues with model generalization and practical deployment. Furthermore, most works focus on detecting network-layer attacks, while fewer explore the physical layer security of agricultural systems, where sensor tampering or spoofing can severely impact crop production and system operations. Additionally, some IDS models depend heavily on computationally intensive deep learning techniques, which may not be suitable for deployment on resource-constrained edge devices commonly used in smart farming. To address these gaps, this work introduces a new, domain-specific smart farming dataset that better captures the intricacies of physical-layer attacks in agricultural settings and proposes a lightweight detection system suitable for deployment on resource-constrained edge devices.

3. Smart farming system and Smart-Farm-IDS dataset

A comprehensive dataset is essential for the development of an effective ANN binary classification model which is capable of anomaly and cyberattack detection in real-time (Prasad et al. 2019; Saabith, 2014). This dataset includes a variety of sensor data from the smart farming system and offers valuable insights into both normal operations and possible anomalies such as cyberattacks, sensor malfunctions, or environmental disturbances. Detailed recording of sensor readings, rigorous preprocessing, and labeling processes ensure that the dataset is suitable for training ANN models aimed at enhancing the safety and reliability of smart farming systems (Sayyad et al., 2021).

In this study, a smart farming system was first established within a controlled laboratory environment to create a dedicated dataset named Smart-Farm-IDS: Smart Farming Intrusion Detection System Dataset. Although the system was set up in a laboratory, it was carefully designed to operate under realistic environmental conditions, ensuring that the collected data accurately reflects real-world scenarios. This setup allowed for precise control over system parameters, enabling systematic data collection over a defined period while maintaining data authenticity. Despite not being a commercially deployed or long-term installation, the system effectively simulated various real-world conditions, including sensor tampering, signal interference, unauthorized sensor manipulation, and spoofing. These simulated scenarios provide a comprehensive representation of potential security threats in smart farming, making the Smart-Farm-IDS dataset highly relevant for intrusion detection research.

The established smart farming system consists of three main parts: the irrigation system, the condition monitoring system, and the central system. The overall structure of the established smart farming system is shown in Figure 1.

Figure 1.

Overall structure of the established smart farming system.

The components used in the system, the sensors and the specific parameters measured by these sensors are explained in detail below.

3.1. Irrigation system

The irrigation system satisfies the water needs of the plants. This system includes the following components and sensors:

Irrigation motor: This motor, which is Water Pump 2 in Figure 1, draws water from the water tank to irrigate the plant when needed, delivering it to the soil. The active and inactive states of the motor are recorded.

Water tank motor: This motor, which is Water Pump 1 in Figure 1, is activated to fill the water tank when the water level drops below a certain threshold value, which is 5 in this system. The active and inactive states of the motor are recorded.

Water temperature sensor: This sensor measures the temperature of the water in the tank, which is important for keeping the water at an optimal temperature for plant health (Yamori et al., 2022). This value is recorded by measuring in degrees Celsius (°C).

Electrical conductivity (EC) sensor: This value measures the ability of water to conduct electric current, and this measurement is related to the concentration of ions in the water (Thirstrup and Deleebeeck, 2021). Electrical conductivity is expressed in units of micro siemens per centimeter (μS/cm) or siemens per meter (S/m). A high EC value indicates that there is a high number of ions in the water and hence the water is better able to conduct electric current. This value is measured and recorded in micro siemens per centimeter.

Total dissolved solids (TDS) sensor: This value indicates the total concentration of organic and inorganic substances dissolved in the water (Adjovu et al., 2023). The TDS value is used to evaluate the purity and quality of water. The unit is usually expressed in parts per million (ppm).

Water level sensor: This sensor detects the water level in the tank and helps to keep this level within the desired range. Thus, both overflow and water shortage conditions in the tank are prevented. This value has a range from 0 to 20. A level of 0 indicates that the tank is empty, while a step of 20 indicates that it is fully loaded.

3.2. Condition monitoring system

The condition monitoring system provides monitoring of the environmental conditions necessary for the optimal growth of plants. This system includes the following components and sensors:

Temperature sensor: This sensor measures the ambient temperature in the agricultural environment. Continuous temperature control is important for the growth and health of plants. This value is recorded by measuring in degrees Celsius (°C).

Humidity sensor: This sensor monitors humidity levels in the air. This value is recorded in percentage (%).

Heat index: The heat index is a value that expresses the temperature felt together with the humidity in the air (Blazejczyk et al., 2012). It can affect the growth, development and overall health of plants, especially in high temperature and humidity conditions. This value is calculated using the humidity and temperature value together and is recorded in degrees Celsius (°C).

Light intensity sensor: This sensor measures the light intensity presented to plants. Adequate light is essential for photosynthesis and overall plant growth. This value is recorded by measuring it in lux.

Air quality sensor: This sensor provides information about air quality by detecting methane, propane, butane, hydrogen, carbon monoxide concentrations. The unit is usually expressed in parts per million (ppm).

Soil moisture sensor: This sensor determines the moisture in the soil (Susha Lekshmi et al., 2014). This value is recorded in percentage (%). In the installed system, two soil moisture sensors placed in different regions were used and the final moisture value was determined by averaging these sensors.

Led light: It provides the necessary light source for the growth of plants in the absence of daylight. This value is recorded in the form of when the light is on and off.

3.3. Central system

The central system consists of a microcontroller. All sensors are connected to this microcontroller unit. Once the sensor data is collected here, it is sent to a server for remote control and monitoring.

The Smart-Farm-IDS dataset were collected and recorded from the sensors of the established smart farming system at one-second intervals for 48 h (from 14.6.2024 02:00:00 to 16.6.2024 01:59:59). These sensor readings constitute each feature of the dataset. In addition, each sensor reading is timestamped, as maintaining the chronological order of events is important for identifying anomalies and potential cyberattacks. Finally, the collected data was processed by labeling each data point as normal or abnormal based on predefined criteria. Abnormal data points include sensor failures or potential cyberattacks, while normal data points include regular operational data that contains no signs of anomalies or attacks.

Table 2 shows a few examples from the obtained Smart-Farm-IDS dataset. This dataset consists of a total of 15 features, including a timestamp, and 172,800 samples. Of these samples, 16,548 contain abnormal conditions, while the rest represent normal conditions. This corresponds to approximately 9.57% of the total data.

Table 2.
Representative examples from the Smart-Farm-IDS dataset.

Timestamp WaterLevel WaterPumpToTank WaterPumpFromTank WaterTemperature EC TDS LightIntensity Humidity Temperature HeatIndex} AirQuality SoilHumidity1 SoilHumidity2 Light Class

14.06.2024 02:01:55 9 Inactive Inactive 25.88 680.3 253 597.5 58.5 27.3 22.48 472 11.53 13.49 On Normal

14.06.2024 05:28:35 9 Inactive Inactive 25.75 688.7 256 603.33 62.2 27.1 22.43 416 11.44 12.9 On Normal

14.06.2024 09:23:12 9 Inactive Inactive 25.88 663.5 247 261.67 59.5 27.4 22.64 552 11.24 13.29 Off Normal

14.06.2024 19:18:48 0 Inactive Inactive 27.69 671.9 250 434.17 62.5 28.3 23.77 410 9.58 12.32 Off Attack

15.06.2024 03:32:12 9 Inactive Inactive 27.25 713.9 265 891.67 68.3 29 24.81 449 9.9 10.48 On Normal

15.06.2024 06:28:28 9 Inactive Inactive 27.38 713.9 265 944.17 70.1 29 2.2 494 9.88 10.37 On Attack

15.06.2024 09:05:59 9 Active Inactive 27.38 671.9 250 162.5 69.2 28.6 24.41 614 9.97 11.14 Off Attack

15.06.2024 11:15:22 17 Active Inactive 26.13 831.5 306 227.5 69.7 28.9 24.77 494 28.93 42.33 Off Normal

15.06.2024 12:26:37 20 Inactive Inactive 26.75 839.8 309 226.67 69.8 28.7 24.55 456 24.83 29.81 Off Normal

15.06.2024 13:03:00 20 Inactive Inactive 27 839.8 309 219.17 69.7 28.7 24.55 460 23.85 29.52 Off Normal

15.06.2024 15:19:35 20 Active Active 27.69 848.2 312 928.33 67.3 29.1 24.87 437 22.68 28.45 On Attack

15.06.2024 16:19:00 20 Inactive Inactive 28.13 848.2 312 1377.5 65.2 29.5 25.21 426 23.17 28.45 Off Normal

16.06.2024 01:15:23 20 Inactive Inactive 28.38 881.8 324 991.67 59.1 29.4 24.82 412 24.83 24.63 On Normal

16.06.2024 01:58:04 20 Inactive Inactive 28.25 873.4 321 987.5 58.8 29.5 24.91 417 25.02 25.42 On Normal

Timestamp	WaterLevel	WaterPumpToTank	WaterPumpFromTank	WaterTemperature	EC	TDS	LightIntensity	Humidity	Temperature	HeatIndex}	AirQuality	SoilHumidity1	SoilHumidity2	Light	Class
14.06.2024 02:01:55	9	Inactive	Inactive	25.88	680.3	253	597.5	58.5	27.3	22.48	472	11.53	13.49	On	Normal
14.06.2024 05:28:35	9	Inactive	Inactive	25.75	688.7	256	603.33	62.2	27.1	22.43	416	11.44	12.9	On	Normal
14.06.2024 09:23:12	9	Inactive	Inactive	25.88	663.5	247	261.67	59.5	27.4	22.64	552	11.24	13.29	Off	Normal
14.06.2024 19:18:48	0	Inactive	Inactive	27.69	671.9	250	434.17	62.5	28.3	23.77	410	9.58	12.32	Off	Attack
15.06.2024 03:32:12	9	Inactive	Inactive	27.25	713.9	265	891.67	68.3	29	24.81	449	9.9	10.48	On	Normal
15.06.2024 06:28:28	9	Inactive	Inactive	27.38	713.9	265	944.17	70.1	29	2.2	494	9.88	10.37	On	Attack
15.06.2024 09:05:59	9	Active	Inactive	27.38	671.9	250	162.5	69.2	28.6	24.41	614	9.97	11.14	Off	Attack
15.06.2024 11:15:22	17	Active	Inactive	26.13	831.5	306	227.5	69.7	28.9	24.77	494	28.93	42.33	Off	Normal
15.06.2024 12:26:37	20	Inactive	Inactive	26.75	839.8	309	226.67	69.8	28.7	24.55	456	24.83	29.81	Off	Normal
15.06.2024 13:03:00	20	Inactive	Inactive	27	839.8	309	219.17	69.7	28.7	24.55	460	23.85	29.52	Off	Normal
15.06.2024 15:19:35	20	Active	Active	27.69	848.2	312	928.33	67.3	29.1	24.87	437	22.68	28.45	On	Attack
15.06.2024 16:19:00	20	Inactive	Inactive	28.13	848.2	312	1377.5	65.2	29.5	25.21	426	23.17	28.45	Off	Normal
16.06.2024 01:15:23	20	Inactive	Inactive	28.38	881.8	324	991.67	59.1	29.4	24.82	412	24.83	24.63	On	Normal
16.06.2024 01:58:04	20	Inactive	Inactive	28.25	873.4	321	987.5	58.8	29.5	24.91	417	25.02	25.42	On	Normal

Table 3 provides a detailed overview of the features in the dataset. It describes each feature in the dataset with its type, range of values, and statistical measures such as standard deviation and mean. The features are labeled F0 through F19. The timestamp is divided into six different features as day (F0), month (F1), year (F2), hour (F3), minute (F4), and second (F5), which is outlined in Section 4.

Table 3.

Detailed overview of the features of Smart-Farm-IDS dataset.

Name	ID	Type	Values	Mean	Std
Timestamp	from F0 to F5	timestamp	from 14.6.2024 2:0:0to 16.6.2024 1:59:59	—	—
WaterLevel	F6	integer	from 0 to 25	12.47	5.20
WaterPumpToTank	F7	categorical	Active or Inactive	—	—
WaterPumpFromTank	F8	categorical	Active or Inactive	—	—
WaterTemperature	F9	float	from 0 to 44.04	27.31	1.36
EC	F10	float	from 0 to 940.63	741.21	85.66
TDS	F11	integer	from 0 to 883	276.68	48.60
LightIntensity	F12	float	from 11.1 to 1721.67	602.47	348.79
Humidity	F13	float	from 51.9 to 71.7	62.12	5.03
Temperature	F14	float	from 0 to 30.1	28.52	1.38
HeatIndex	F15	float	from 2.2 to 31.09	24.06	1.34
AirQuality	F16	integer	from 345 to 641	457.35	57.01
SoilHumidity1	F17	float	from 5.56 to 34.02	14.71	6.60
SoilHumidity2	F18	float	from 8.24 to 51.61	16.94	7.55
Light	F19	categorical	On or Off	—	—
Class	C	categorical	Normal or Attack	—	—

4. Data preprocessing

Data preprocessing is the process of transforming and cleaning the raw data to make it suitable for analysis or modeling. This process includes steps such as filling in or removing missing data, handling outliers, performing data type conversions, encoding categorical data, and feature scaling (Fan et al., 2021; Gawhade et al. 2022). However, the Smart-Farm-IDS dataset used in this study presented specific domain characteristics that necessitated specialized preprocessing techniques.

In the first step, the timestamp feature was decomposed into six distinct features: day, month, year, hour, minute, and second. This decomposition was essential for accurately capturing temporal patterns specific to smart farming operations, where system behavior can vary significantly across different times of the day or seasons. By treating these time components as separate features, the model could better identify potential temporal patterns related to normal or anomalous activities.

For the classification process with ANN, categorical values need to be converted into a numerical format (Potdar et al., 2017). It can be accomplished by using a Label Encoder (LB) method, which assigns a unique integer to each category of a categorical feature. For example, if a categorical feature has values such as “inactive”, and “active”, the LB converts these values to 0, and 1, respectively. This is important step because categorical data cannot be directly handled by ANNs; they can only handle numerical inputs. Categorical values are converted into numerical labels, which makes the data ready for further processing and ANN model training. In this study, the categorical data such as the states of water pumps (inactive/active), the LED light (on/off), and the target (normal/attack) in the obtained dataset were converted into numerical values using LB. This transformation was not only necessary because ANNs can only process numerical data, but it was also crucial for maintaining the logical relationships between categories, ensuring that the ANN model could effectively distinguish between these states during training.

Furthermore, the dataset's diverse range of feature distributions posed an additional challenge. Once the label coding of categorical features is done, normalizing the data is a preprocess used to improve the performance of the ANN (Nawi et al., 2013). Normalization is typically performed using a standard scaler (SS), which sets the mean of features to zero and the standard deviation to one. This process, known as standardization, brings all features to the same scale, avoiding any single feature from dominating the learning process due to its magnitude. For each feature, SS converts each data point in the feature by subtracting it from the mean and dividing it by the standard deviation. Normalizing the data not only accelerates the convergence rate during training but also improves the accuracy and robustness of the ANN (Singh and Singh, Dec. 2020). Therefore, each feature (F0 to F19) of the Smart-Farm-IDS dataset was normalized using the SS method. The resulting distributions of the normalized features are presented in Figure 2. As clearly shown, this process centers the features around a mean of zero and a standard deviation of one, ensuring that no single feature disproportionately influences the learning process of ANN model. The dataset exhibits various distribution patterns across its features. Features F1, F2, F3, F4, and F5 display nearly uniform distributions, indicating that their values are evenly spread within a specific range. In contrast, features F6, F7, and F8 show distinct peaks, suggesting categorical or discrete values. Features F12, F13, F16, and F17 are characterized by multimodal distributions, with multiple peaks suggesting that the data may originate from several distinct underlying distributions. Finally, feature F19 is highly concentrated around two points, indicating a binary nature. These varying distributions highlight the diverse nature of the features within the Smart-Farm-IDS dataset, reflecting different types of data, which is common in IDSs for smart farming.

Figure 2.

Distributions of normalized features of Smart-Farm-IDS dataset.

5. Methods

This section presents the methodological framework of the study, aiming to develop a new hybrid feature selection method to reduce the number of features and enhance the detection performance of the ANN. It begins by detailing the feature selection methods initially employed, including CS, MAD, and MI, which are used to evaluate the importance of features based on different statistical criteria. Following this, the proposed hybrid feature selection method is introduced, which combines these individual methods to enhance feature selection effectiveness. Finally, the section describes the detection model based on ANN, which leverages the selected features for accurate and efficient classification.

5.1. Existing feature selection methods

In the realm of cybersecurity, particularly for anomaly detection using binary classification, selecting the most relevant features is critical for improving model performance and efficiency (Chen et al., 2020). This study utilizes three established filter-based feature selection methods: CS, MI, and MAD.

5.1.1. Chi-square

The CS is a statistical method used to resolve if there is a noteworthy association between categorical variables (Alrubaie et al., 2023). In feature selection process, it compares the perceived frequency of feature values in each class to the assumed frequency if there were no association between the feature and the target class. The CS statistic ( $X^{2}$ ) can be calculated as follows:

X^{2} = \sum \frac{{(O_{i} - E_{i})}^{2}}{E_{i}}

(1)

where

O_{i}

and

E_{i}

are the observed and expected frequencies of feature values, respectively. The CS statistic with respect to the target variable is calculated for each feature. Features with higher CS values indicate a stronger relationship with the target variable.

5.1.2. Mean absolute deviation

The MAD is a measure of variability in a dataset that provides the average of the absolute deviations from the mean of the dataset. It is used to understand the dispersion of data and can be utilized in feature selection to identify features with more variability (Babu and Malathi, 2023; Khair et al., 2017).

M A D = \frac{1}{n} \sum_{i = 1}^{n} | x_{i} - μ |

(2)

where n is the number of data points,

x_{i}

are the individual values in a dataset and

μ

is the mean of the data points. Features with higher MAD values indicate more variability and potentially more information content.

5.1.3. Mutual information

MI computes the amount of information obtained about one random variable through another random variable (Vergara and Estévez, 2014). It quantifies the dependency between variables. In feature selection, it quantifies how much information a feature contributes about the target variable. The MI ( $M I (F; T)$ ) between a feature F and the target T is defined as follows (Vergara and Estévez, 2014):

M I (F; T) = \sum_{f \in F} \sum_{t \in T} p (f, t) \log \frac{p (f, t)}{p (f) p (t)}

(3)

where F is the feature, T is the target variable,

p (f, t)

is the joint probability distribution function of F and T.

p (f)

and

p (t)

are the marginal probability distribution functions of F and T, respectively. Features with higher MI scores are considered more relevant to the target variable.

5.2. Hybrid feature selection methods

In the context of anomaly detection, the choice of feature selection methods is crucial, as it directly affects model performance (Gottwalt et al., 2019). For instance, the study in Aziz et al. (2013) introduces an anomaly detection approach using a genetic algorithm (GA) alongside various feature selection techniques, where the comparison revealed that the method using feature selection achieved the highest accuracy and sensitivity, despite producing the largest feature subset. Similarly, the study in El Sayed et al. (2022) focuses on detecting distributed denial-of-service (DDoS) attacks in software-defined networking (SDN) environments using deep learning. It applies feature selection methods to identify the most relevant features, significantly improving detection accuracy and reducing false alarms. These examples highlight the importance of selecting appropriate feature selection methods to enhance anomaly detection performance.

The combining existing methods is innovative and can potentially capture different aspects of feature importance (Ang et al., 2016). In this study, new hybrid feature selection methods have been developed using the existing feature selection methods such as CS, MI, and MAD. Each of these methods individually emphasizes different structural characteristics of the features, CS captures the relationship between categorical variables, MAD measures feature dispersion, and MI assesses the dependency between features. Using any single method may lead to an incomplete assessment of feature importance, potentially overlooking critical features. In this hybrid approach, the combination of these existing methods is performed using five different aggregation techniques: maximum, median, arithmetic mean, geometric mean, and harmonic mean. Each of these aggregation methods provides a unique way of combining the feature importance scores calculated by the three individual methods. Maximum aggregation retains the highest score among the three methods for each feature, ensuring that the strongest signal is captured. Median aggregation provides a balanced view by reducing the influence of extreme values. Arithmetic mean treats all methods equally, averaging their scores for a comprehensive assessment. Geometric mean emphasizes features consistently performing well across methods, while harmonic mean is sensitive to low scores, effectively highlighting features with consistently high importance. These aggregation techniques ensure a flexible and robust evaluation of feature relevance for anomaly detection.

By leveraging five aggregation techniques, the hybrid approach generates five different sets of feature importance scores, providing a comprehensive assessment of feature relevance. These combined scores are then used to rank the features, ensuring that the most informative features for the anomaly detection task are selected. This multiaggregation strategy not only improves the robustness of the feature selection process but also allows for greater flexibility in selecting the most suitable features for the classification model.

The existing feature selection methods have differently scaled scores (Hira and Gillies, 2015). To combine these methods, their scores have to be normalized. If not, one of them can dominate the final combined score. Min–max scaling method has been used to normalize the scores of CS, MI, and MAD methods before combining them. It transforms the original scores to a fixed range of [0, 1]. The feature with the highest original score will have a normalized score of 1, and the lowest will have 0. This normalization process preserves the relative relationships between the original data points. Also, it ensures that scores from different methods are on a comparable scale before aggregation (Talukder et al., 2017).

The normalized scores $(N S = \hat{X^{2}}, \hat{M I}, \hat{M A D})$ of CS, MI, and MAD methods are calculated as follows (Jain and Bhandare, 2013) using their unnormalized scores $(S = X^{2}, M I, M A D)$ :

NS = \frac{S - min (S)}{max (S) - min (S)}

(4)

After applying min–max scaling to the three feature selection methods separately, the normalized scores $\hat{X^{2}}, \hat{M I}$ , and $\hat{M A D}$ are used in the aggregation techniques.

5.2.1. Maximum score (Max)

The maximum score (Max) method selects the highest score among CS, MI, and MAD for each feature. It emphasizes the strongest signal from any of the individual methods. It is particularly useful when you want to capture features that are highly ranked by at least one method. Max values of the features can be calculated as follows:

Max = max (\hat{X^{2}}, \hat{M I}, \hat{M A D})

(5)

5.2.2. Median score (Median)

The median score (Median) method selects the median score among CS, MI, and MAD for each feature. It is a robust measure that is less affected by outliers and provides a central tendency of the scores. Median values are obtained as follows (Mishra et al., 2019):

Median = median (\hat{X^{2}}, \hat{M I}, \hat{M A D})

(6)

5.2.3. Arithmetic mean score (Mean)

The arithmetic mean score (Mean) method calculates the average score of CS, MI, and MAD for each feature. It provides an overall average importance of each feature by equally weighing the three scores. The mean values are calculated as follows (Mishra et al., 2019):

Mean = (\hat{X^{2}} + \hat{M I} + \hat{M A D}) / 3

(7)

5.2.4. Geometric mean score (G_mean)

The geometric mean score (G_mean) method calculates the geometric average of CS, MI, and MAD for each feature. It is useful for combining scores that vary on different scales and emphasizes features where all scores are relatively high. The geometric mean is less sensitive to extreme values compared to the arithmetic mean. It tends to favor features that perform consistently well across all three methods, as a low score in one method will significantly reduce the overall score. G_mean scores are measured as follows (Tharwat, 2018):

G_{m e a n} = (\hat{X^{2}} + \hat{M I} + \hat{M A D}) / 3

(8)

5.2.5. Harmonic mean score (H_mean)

The harmonic mean (H_mean) method calculates the reciprocal of the arithmetic mean of the reciprocals of CS, MI, and MAD for each feature. It is particularly useful when the scores are small and penalizes features with any low individual scores, giving more weight to the smallest values. G_mean values are obtained as follows (Chakrabarty 2025):

H_{m e a n} = 3 / (\frac{1}{\hat{X^{2}}} + \frac{1}{\hat{M I}} + \frac{1}{\hat{M A D}})

(9)

5.3. Artificial neural network

Biological neural networks learn by detecting patterns and relationships in data (Patel and Goyal, 2007). The human brain is an exceptional pattern recognition tool, consisting of billions of interconnected neurons. In this way, it can learn and identify an almost infinite variety of input patterns.

ANNs are digitized models that mimic the information processing of the human brain (Shanmuganathan, 2016). It is used for tasks such as regression, classification, and pattern recognition. An ANN consists of layers of interconnected neurons or nodes that execute simple calculations.

A neuron in an ANN is a basic computational unit that mimics the behavior of a biological neuron. Each neuron receives one or more input signals, processes them, and produces an output signal. The inputs to a neuron are multiplied by weights, which are parameters learned during the network's training process. These weighted inputs are then summed, and a bias is added to this summed result. The obtained value is put into process with an activation function that calculates the output of the neuron. Subsequently, the output of the neuron is transmitted to neurons in the next layer. This process contributes to the ability to learn and model complex patterns in data (da Silva et al., 2017).

As seen in Figure 3, the neurons in an ANN are organized into three main layers as the input layer, the hidden layer, and the output layer. The input layer presents the inputs of the dataset. Each neuron in this layer corresponds to a feature. There is one input layer in an ANN. The hidden layer is the intermediate layer between the output and input layers. An ANN can have one or more hidden layers. It processes the input data through weighted connections and applies activation functions to disrupt linearity. This lets the network to learn complicated patterns in the data. The output layer produces the final output of the network. Similar to the input layer, there is one output layer in an ANN. In this layer, there are usually as many neurons as there are classes. These neurons represent each class. So, there is one neuron for binary classification tasks. The output is usually passed through a final activation function like sigmoid to convert it into a probability score.

Figure 3.

General structure of an ANN model.

6. Results and discussion

This section is organized into three focused subsections to provide a comprehensive analysis of the study's findings. The first subsection, Feature Importance Analysis, explores the significance of each feature used in the model, highlighting which features most strongly contribute to accurate anomaly detection in the smart farming context. The second subsection, Performance Analysis of Shallow and Deep ANN Models, presents a detailed comparison between the detection capabilities of shallow and deep ANN models, including hyperparameter optimization results. Finally, the Timing Analysis subsection examines the computational efficiency of the proposed method, including the time required for feature selection process, providing insights into the practicality of the approach for real-world deployment.

6.1. Feature importance analysis

In this study, five hybrid feature selection methods were implemented to choose the most important features for anomaly detection in a smart indoor farming system. As mentioned in Section 5.2, existing feature selection methods such as CS, MAD, and MI were combined with five different approaches such as Max, Median, Mean, G_mean, and H_mean for hybrid methods. Moreover, five most important features out of 20 were selected with both hybrid and existing feature selection methods for fair performance comparison.

The feature importance scores of CS, MAD, and MI are illustrated in Figure 4. Each bar represents importance score of a feature, with higher scores indicating greater importance. Each method emphasizes different aspects of feature relevance, leading to a diverse ranking of features. Top five important features in the CS method are F11, F4, F7, F12, and F8. CS is a statistical test that measures the dependency between each feature and the target class (normal or attack). Therefore, features with the highest CS scores are those most strongly associated with the target class. Except these features, others have no significant importance, suggesting that their values do not significantly change between normal and attack conditions. Similarly, F12, F10, F16, and F11 are the highest-ranking features under MAD method. It captures the variability of each feature, measuring the average absolute deviation of values from the mean. Features with high MAD scores exhibit significant variation, which may be linked to different patterns in normal and attack scenarios. The others except these fives are of almost no importance, suggesting that their values are relatively consistent and show minimal variance, making them less useful for distinguishing normal and attack states. On the other hand, F5 has no importance under MI method, indicating that it provides limited information about the target class. But other features have importance with various scores. Top five features from most important to least important are F15, F16, F13, F12, and F14, indicating less uncertainty with the target variable.

Figure 4.

Feature importance scores of existing feature selection methods.

The differences in feature importance across the three methods, including CS, MAD, and MI, reveal critical insights about the security of the smart farming system. CS emphasizes features directly linked to attack conditions, such as sensor states or actuator statuses, which are essential for detecting unauthorized actions like tampering or spoofing. MAD highlights the features with high variability, which may indicate abnormal sensor readings or unstable system behavior during attacks, helping identify subtle, irregular patterns. MI focuses on features that provide the most information for distinguishing between normal and attack states, highlighting those that are most informative for classification. These findings have a significant real-world impact, as they help prioritize features that are most sensitive to malicious actions, enabling the development of more efficient and accurate IDSs. By understanding which features are most critical for detection, smart farming systems can be better protected against security threats, minimizing the risks of compromised operations, yield loss, or system malfunctions. These distinctions demonstrate how each method captures unique aspects of feature relevance, making a hybrid approach beneficial.

The feature importance scores of proposed hybrid methods are illustrated in Figure 5. Features F12, F11, and F4 consistently rank among the top important features across most hybrid methods. While some features (e.g., F12) maintain relatively stable importance across methods, others show considerable variability. For instance, F15 ranks high in the Max method but lower in others, indicating potential sensitivity to outliers. Features such as F5, F1, and F2 consistently rank low across all methods. The top five features for each aggregation method are as follows: For the Max method, the top five features are F15, F12, F11, F4, and F16. The Median method ranks F12, F7, F11, F16, and F4 as the top five features. According to the Mean method, the top features are F12, F11, F4, F15, and F7. The G_mean method identifies F12, F11, F4, F16, and F6 as the top five features. Finally, the H_mean method lists F12, F11, F4, F6, and F3 as the most important features. These rankings illustrate both the consistency and variability of feature importance across different aggregation methods, as each method captures different aspects of the data distribution. After determining top five features for each selection methods, ANN was used for detection.

Figure 5.

Feature importance scores of hybrid feature selection methods.

6.2. Performance analysis of shallow and deep ANN models

Two different ANN models which are called shallow ANN and deep ANN were used to detect anomaly. The distinction between these two models lies in the number of hidden layers they contain. Networks with one or two hidden layers are called shallow ANNs, while networks with more than two hidden layers are called deep ANNs (Al-Zewairi et al., 2020; Hoshino et al., 2022). While one hidden layer was used in the shallow ANN model, five hidden layers were used in the deep ANN. The performances of these two models for the hybrid filter-based feature selection methods were compared separately. To fair comparison, the values of parameters of both models were determined the same as: number of neurons per a hidden layer is 16, number of epochs is 50, and value for dropout in a hidden layer is 0.5. The dropout approach was used to avoid over-fitting during the training process by randomly deactivating half of the neurons in each layer.

The optimization of hyper-parameters of an ANN such as batch size, activation function, and learning optimizer is crucial to obtained best model performance (Kadhim et al., 2022). The optimization processes of shallow and deep ANN models were performed by using grid search approach. This approach is used to systematically determine the most suitable values for the hyper-parameters. It involves defining possible value ranges for them and training the model with each combination of these values. By evaluating the performance of model for each combination, it finds the optimal values that yield the highest accuracy. The optimal values of each hyper-parameter are given in Table 4.

Table 4.
Hyperparameters of shallow and deep ANN models with their possible values.

Hyper-parameter Possible values

Batch Size [8, 16, 32, 64, 128]

Activation Function [“relu,” “tanh,” “sigmoid,” “leaky_relu,” “swish”]

Learning Optimizer [“adam,” “SGD,”, “RMSprop,” “adagrad,” “adadelta”]

Hyper-parameter	Possible values
Batch Size	[8, 16, 32, 64, 128]
Activation Function	[“relu,” “tanh,” “sigmoid,” “leaky_relu,” “swish”]
Learning Optimizer	[“adam,” “SGD,”, “RMSprop,” “adagrad,” “adadelta”]

To further validate the effectiveness of hyper-parameter optimization process and assure the robustness of the models, five-fold cross-validation was used. This approach involves dividing the dataset into five equal subsets. The ANN is trained and tested five times, each time using a different subset as the test set and the remaining four subsets as the training set. This process provides a generalizable evaluation of the subsets of models by ensuring that each data point is used for both testing and training (Tembusai et al., 2021).

The results of existing feature selection methods are given in Table 5 for both shallow and deep ANNs. Also, the optimal hyper-parameter values obtained as result of grid search are provided and confusion matrices were illustrated in Figure 6. The models without using any feature selection method demonstrated best results as expected. Because they use the information that all 20 features have, others use only five features. Among existing feature selection methods, CS shows the best performance with 0.9307, and 0.9296 accuracies for shallow and deep ANN models, respectively. On the other hand, MI presented worst performance for both models.

Table 5.

Performance of existing feature selection methods with optimized hyperparameter values for shallow and deep ANN models.

Model type	Feature selection	Accuracy	Precision	Recall	F1-score	Optimal hyper-parameter values
Shallow	None	0.9971	0.9931	0.9761	0.9845	{8, “swish,” “adam”}
	CS	0.9307	0.97	0.2775	0.4315	{32, “relu,”, “RMSprop”}
	MAD	0.9225	0.9611	0.1891	0.3161	{16, “relu,” “adam”}
	MI	0.9158	0.9814	0.1133	0.2032	{8, “relu,” “adam”}
Deep	None	0.9962	0.9996	0.9605	0.9797	{8, “swish,” “adam”}
	CS	0.9296	1.0	0.257	0.4089	{16, “swish,” “adam”}
	MAD	0.92	0.8075	0.2038	0.3255	{8, “swish,” “adam”}
	MI	0.9148	1.0	0.1002	0.1822	{16, “swish,” “adam”}

Figure 6.

Confusion matrices of existing feature selection methods.

Table 6 presents the results of proposed hybrid feature selection methods for both shallow and deep ANNs, along with the optimal hyper-parameter values obtained through grid search. Additionally, Figure 7 illustrates the corresponding confusion matrices. Both shallow and deep models demonstrate high accuracy ranging from 0.9203 to 0.9382 and exceptional precision ranging from 0.9357 to 1.0, indicating strong overall performance and minimal false positives. However, recall values are notably lower ranging from 0.1595 to 0.3474, suggesting challenges in identifying all positive instances. This imbalance is reflected in the F1-scores, which range from 0.275 to 0.5157. The deep ANN model with Mean method consistently outperforms all other methods with the 0.9382 accuracy, 1.0 precision, 0.3474 recall, and 0.5157 F1-score using 8 as batch size, swish as activation function, and adam as learning optimizer. Secondly, the shallow ANN model with Mean method follows it. On the contrary, the shallow and deep ANN models with Max method perform worst performances.

Table 6.

Performance of hybrid feature selection methods with optimized hyperparameter values for shallow and deep ANN models.

Model type	Feature selection	Accuracy	Precision	Recall	F1-score	Optimal hyper-parameter values
Shallow	Max	0.9203	0.998	0.1595	0.275	{8, “relu,”, “adam”}
	Median	0.9312	0.9357	0.2937	0.447	{16, “relu,” “adam”}
	Mean	0.9361	0.9907	0.3282	0.4931	{32, “relu,” “RMSprop”}
	G _mean	0.9334	0.9792	0.3034	0.4633	{16, “relu,” “RMSprop”}
	H _mean	0.9243	0.9954	0.2023	0.3362	{16, “relu,” “RMSprop”}
Deep	Max	0.9226	0.9983	0.183	0.3094	{8, “relu,” “adam”}
	Median	0.9353	0.998	0.3178	0.4821	{16, “relu,” “adam”}
	Mean	0.9382	1.0	0.3474	0.5157	{8, “swish,” “adam”}
	G _mean	0.9329	0.9818	0.297	0.4561	{32, “relu,” “adam”}
	H _mean	0.9238	1.0	0.1952	0.3267	{8, “swish,” “adam”}

Best results are in bold.

Figure 7.

Confusion matrices of hybrid feature selection methods.

As seen in Figure 8, the proposed hybrid method Mean performs better than other existing methods such as CS, MAD, and MI for both shallow and deep ANN models. This hybrid method combines the strengths of these existing methods.

Figure 8.

Performance comparison of hybrid and existing feature selection methods.

Figure 9 illustrates the performance change of both shallow and deep ANN using the Mean method across different batch sizes (8, 16, 32, 64, and 128). The deep ANN generally outperforms the shallow ANN across all batch sizes, suggesting that the additional complexity of the deep model contributes to better accuracy. For the deep model, there is a clear downward trend as batch size increases. The highest accuracy is achieved with the smallest batch size 8, and performance gradually decreases as batch size grows. The shallow model shows a different pattern, with performance peaking at a batch size of 32 before declining slightly for larger batch sizes. As batch size increases to 128, the performance gap between deep and shallow models narrows, suggesting that very large batch sizes might diminish the advantages of deeper architectures.

Figure 9.

Performance change depending on batch size.

The performance change depending on activation function for both shallow and deep ANNs using the Mean method is illustrated Figure 10. The swish activation function demonstrates the highest accuracy for the deep model. While the shallow model shows superior performance with relu, it shows notable performance with swish as well. On the other hand, the shallow model performs worst with leaky_relu, while the deep model shows with tanh activation function.

Figure 10.

Performance change depending on activation function.

Finally, Figure 11 indicates the performance change depending on learning optimizer for both shallow and deep ANN using the Mean method. Although the shallow model exhibits the best performance with RMSprop learning optimizer, it also showed a significant result with adam. The deep model shows its best performance with adam optimizer. Conversely, worst performances are obtained with adagrad and adadelta optimizers for shallow and deep models, respectively. The outstanding performance of adam across both model types aligns with its popularity in deep learning applications, showcasing its ability to adapt learning rates effectively.

Figure 11.

Performance change depending on learning optimizer.

6.3. Timing analysis

A comprehensive analysis of the timing performances was conducted for both shallow and deep ANNs. The performances of models were analyzed both with and without using feature selection methods, separately. To ensure reliability of the results, each model was executed 10 times. Then, average value of execution times for each model was calculated for the final score. This approach mitigates the impact of outliers or anomalies that might occur in individual runs, resulting in more robust and consistent execution time measurements (Hao and Tian, 2020).

The timing analysis was conducted on a device equipped with an Intel(R) Core(TM) i5-10500 CPU (6 cores) running at 3.10 GHz, 16 GB of RAM, and Windows 11 Pro 64-bit. The results are presented in Table 7. Training and testing times are notably lower when using feature selection methods for both shallow and deep models. The shallow model shows a slight decrease in training time from 2551.64 s to 2523.53 s when feature selection is applied, and a reduction in testing time from 0.92 s to 0.85 s. Similarly, the deep model demonstrates a reduction in training time from 3067.32 s to 3048.27 s and a decrease in testing time from 0.99 s to 0.87 s. For the shallow model, feature selection reduces training time by 28.11 s (1.1% decrease) and testing time by 0.07 s (7.6% decrease). For the deep model, feature selection reduces training time by 19.05 s (0.6% decrease) and testing time by 0.12 s (12.1% decrease). The difference in computation time is attributable to the deep model having more hidden layers and being a more complex architecture. These results emphasize that the ANN model runs faster when using feature selection methods due to the reduction in the number of input features. Consequently, anomalies can be detected more quickly with feature selection methods, which is crucial for smart IoT systems.

Table 7.
Computation times for shallow and deep ANN models.

Shallow ANN Deep ANN

with feature selection Without feature selection with feature selection Without feature selection

Training Time (s) Testing Time (s) Training Time (s) Testing Time (s) Training Time (s) Testing Time (s) Training Time (s) Testing Time (s)

2523.53 0.85 2551.64 0.92 3048.27 0.87 3067.32 0.99

Shallow ANN	Deep ANN
Training Time (s)	Testing Time (s)	Training Time (s)	Testing Time (s)	Training Time (s)	Testing Time (s)	Training Time (s)	Testing Time (s)
2523.53	0.85	2551.64	0.92	3048.27	0.87	3067.32	0.99

7. Conclusion

This study has successfully evaluated a hybrid filter-based feature selection method for ANN-based anomaly detection systems in smart farming environments. Firstly, the establishment of a comprehensive smart farming system and the creation of a dedicated dataset named Smart-Farm-IDS have provided a solid foundation for analyzing cyber threats. This dataset, designed for binary classification between normal operations and anomalies, offers a valuable resource for future research in this area. Secondly, the performances of shallow and deep ANN models have analyzed. This comparison provides crucial insights for practitioners and researchers in selecting appropriate models for their specific use cases. Thirdly, the proposed hybrid feature selection method has demonstrated superior performance compared to existing methods such as CS, MAD, and MI in terms of classification accuracy. Besides, the feature importance scores of the proposed method reveal that features F12 (LightIntensity), F11 (Tds), F4 (Minute), F15 (HeatIndex), and F7 (WaterPumpToTank) rank as the top five most important features.

However, it is crucial to recognize the limitations of this study. Firstly, the study focuses on only ANN models. It may not fully explore the potential of other machine learning models that could also be effective for anomaly detection in smart farming systems. Secondly, the study uses a dataset specific to a particular smart farming environment. It may limit the generalizability of the results to different IoT-based systems. Thirdly, the effectiveness of the proposed hybrid feature selection method is dependent on the combination of CS, MAD, and MI methods. The combination of other feature selection methods can also be analyzed.

The experimental results highlight the effectiveness of ANNs in detecting cyber threats within smart farming systems, with the superior performance of the proposed hybrid method indicating a promising avenue for future advancements. This study offers a practical demonstration of how domain-specific datasets and hybrid feature selection techniques can substantially enhance anomaly detection in IoT-based environments. Furthermore, the insights derived from the feature importance analysis provide a deeper understanding of which data attributes are most critical for threat detection, offering valuable guidance for the development of more efficient and accurate IDSs. Additionally, the introduction of the Smart-Farm-IDS dataset serves as a valuable resource for future research, enabling the scientific community to further explore and develop advanced intrusion detection methods specifically tailored to the unique characteristics of smart farming environments.

Beyond the technical contributions, this study also raises important cross-cutting concerns that warrant consideration. The integration of AI in smart farming systems, while enhancing security and operational efficiency, introduces ethical challenges related to data privacy and security. Protecting the sensitive data generated by smart farming devices from unauthorized access is crucial to prevent misuse. Additionally, the environmental sustainability of smart farming practices must be considered, ensuring that the deployment of IoT devices and data-driven solutions does not lead to excessive energy consumption or electronic waste. Future research should explore strategies to balance technological advancements with ethical and environmental considerations in smart farming.

Footnotes

ORCID iD

Kadir Ileri

Author contributions

Kadir Ileri wrote the whole manuscript, implemented machine learning algorithms, and finally reviewed the manuscript.

Funding

The author disclosed receipt of the following financial support for the research, authorship, and/or publication of this article: This work was supported by the Scientific Research Projects Coordination Unit of Bandırma Onyedi Eylül University (Project Number: BAP-24-1004-002).

Declaration of conflicting interests

The author declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Data availability statement

The dataset generated and analyzed during this study was created by the authors and is publicly available at https://github.com/kadirileri/Smart-Farm-IDS. This dataset was developed to support research in smart farming and is accompanied by detailed documentation to facilitate reuse by other researchers.

References

Aburasain

(2024) Enhanced black widow optimization with hybrid deep learning enabled intrusion detection in internet of things-based smart farming. IEEE Access 12(January): 16621–16631.

Aburasain

Balobaid

. Hybrid deep learning with optimized hyperparameters based intrusion detection in internet of things for smart farming. In: 2024 Int. Symp. Networks, Comput. Commun. ISNCC 2024, pp. 1–8, 2024, doi: https://doi.org/10.1109/ISNCC62547.2024.10758946.

Adjovu

Stephen

James

, et al. (2023) Measurement of total dissolved solids and total suspended solids in water systems. Remote Sens 15(14): 1–43.

Ahmad

Haq

QEU

Imran

, et al. (2022) An efficient network intrusion detection and classification system. Mathematics 10(3): 1–15.

Al-Zewairi

Almajali

Ayyash

(2020) Unknown security attack detection using shallow and deep ANN classifiers. Electronics 9(12): 2006.

Alrubaie

Abdulhassan

Abdul-Jabbar

, et al. (2023) Mining categorical covid-19 data using chi-square and logistic regression algorithms. AIP Conf Proc 2591(1): 030034. doi: https://doi.org/10.1063/5.0120520.

Ang

Mirzal

Haron

, et al. (2016) Supervised, unsupervised, and semi-supervised feature selection: A review on gene selection. IEEE/ACM Trans Comput Biol Bioinform 13(5): 971–989.

Aziz

ASA

Azar

Salama

, et al. Genetic algorithm with different feature selection techniques for anomaly detectors generation. In: 2013 Fed. Conf. Comput. Sci. Inf. Syst. FedCSIS 2013, pp. 769–774, 2013.

Babu

Malathi

(2023) Three-stage multi-objective feature selection for distributed systems. Soft Comput: 1–15. doi: https://doi.org/10.1007/s00500-023-07865-y.

10.

Blazejczyk

Epstein

Jendritzky

, et al. (2012) Comparison of UTCI to selected thermal indices. Int J Biometeorol 56(3): 515–535.

11.

Chakrabarty

. “Partners Universal International Innovation Journal (PUIIJ) Combined Set of Several Sets of Observations: Harmonic Mean Partners Universal International Innovation Journal (PUIIJ),” no. February, pp. 49–53, 2025, doi: https://doi.org/10.5281/zenodo.14949601.

12.

Chen

R-C

Dewi

Huang

S-W

, et al. (2020) Selecting critical features for data classification based on machine learning methods. J. Big Data 7(1): 52.

13.

Dagar

Som

Khatri

. Smart farming – IoT in agriculture. In: 2018 International Conference on Inventive Research in Computing Applications (ICIRCA), Jul. 2018, pp. 1052–1056. doi: https://doi.org/10.1109/ICIRCA.2018.8597264.

14.

da Silva

Hernane Spatti

Andrade Flauzino

, et al. (2017) Artificial neural network architectures and training processes. In: Artificial Neural Networks. Cham: Springer International Publishing, 21–28. doi: https://doi.org/10.1007/978-3-319-43162-8_2.

15.

Devan

Khare

(2020) An efficient XGBoost–DNN-based classification model for network intrusion detection system. Neural Comput Appl 32(16): 12499–12514.

16.

Doshi

Patel

kumar Bharti

(2019) Smart farming using IoT, a solution for optimally monitoring farming conditions. Procedia Comput Sci 160: 746–751.

17.

El-Ghamry

Darwish

Hassanien

(2023) An optimized CNN-based intrusion detection system for reducing risks in smart farming. Internet of Things (Netherlands) 22(February): 100709.

18.

El Sayed

Le-Khac

Azer

, et al. (2022) A flow-based anomaly detection approach with feature selection method against DDoS attacks in SDNs. IEEE Trans Cogn Commun Netw 8(4): 1862–1880.

19.

Fan

Chen

Wang

, et al. (2021) A review on data preprocessing techniques toward efficient and reliable knowledge discovery from building operational data. Front Energy Res 9. doi: https://doi.org/10.3389/fenrg.2021.652801.

20.

Farooq

Riaz

Abid

, et al. (2019) A survey on the role of IoT in agriculture for the implementation of smart farming. IEEE Access 7: 156237–156271.

21.

Ferrag

Shu

Djallel , et al. (2021). Deep learning-based intrusion detection for distributed denial of service attack in agriculture 4.0. Electronics 10(1): 1257.

22.

Ferreira

Bispo

Rabadão

, et al. (2025) Farm-flow dataset: Intrusion detection in smart agriculture based on network flows. Comput Electr Eng 121(October 2024): 109892.

23.

Friha

Ferrag

Shu

, et al. (2022) FELIDS: Federated learning-based intrusion detection system for agricultural internet of things. J Parallel Distrib Comput 165: 17–31.

24.

Gawhade

Bohara

Mathew

, et al. Computerized Data-Preprocessing To Improve Data Quality. In: 2022 Second International Conference on Power, Control and Computing Technologies (ICPC2T), Mar. 2022, pp. 1–6. doi: https://doi.org/10.1109/ICPC2T53885.2022.9776676.

25.

Gottwalt

Chang

Dillon

(2019) Corrcorr: A feature selection method for multivariate correlation network anomaly detection techniques. Comput Secur 83: 234–245.

26.

Hao

Tian

(2020) A hybrid framework for carbon trading price forecasting: The role of multiple influence factor. J Clean Prod 262: 120378.

27.

Hira

Gillies

(2015) A review of feature selection and feature extraction methods applied on microarray data. Adv Bioinform 2015: 1–13.

28.

Hoshino

Kanoga

Tsubaki

, et al. (2022) Comparing subject-to-subject transfer learning methods in surface electromyogram-based motion recognition with shallow and deep classifiers. Neurocomputing 489: 599–612.

29.

Iwendi

Khan

Anajemba

, et al. (2020) The use of ensemble models for multiple class and binary class classification for improving intrusion detection systems. Sensors (Switzerland) 20(9): 1–37.

30.

Jain

Bhandare

(2013) Min max normalization based data perturbation method for privacy protection. Int J Comput Commun Technol 4(4): 233–238.

31.

Javeed

Gao

Saeed

, et al. (2024) An intrusion detection system for edge-envisioned smart agriculture in extreme environment. IEEE Internet Things J. 11(16): 26866–26876.

32.

Kadhim

Abdullah

Ghathwan

(2022) Artificial neural network hyperparameters optimization: A survey. Int J Online Biomed Eng 18(15): 59–87.

33.

Kethineni

Pradeepini

(2024) Intrusion detection in internet of things-based smart farming using hybrid deep learning framework. Cluster Comput 27(2): 1719–1732.

34.

Khair

Fahmi

Al Hakim

, et al. (2017) Forecasting error calculation with mean absolute deviation and mean absolute percentage error. J Phys Conf Ser 930: 012002.

35.

Kunang

Nurmaini

Stiawan

, et al. (2021) Attack classification of an intrusion detection system using deep learning and hyperparameter optimization. J Inf Secur Appl 58(March): 102804.

36.

Kwak

Choi

C-H

(2002) Input feature selection for classification problems. IEEE Trans Neural Netw 13(1): 143–159.

37.

Laghrissi

Douzi

, et al. (2021) Intrusion detection systems using long short-term memory (LSTM). J Big Data 8(1). doi: https://doi.org/10.1186/s40537-021-00448-4.

38.

TTH

Oktian

Kim

(2022) XGBoost for imbalanced multiclass classification-based industrial internet of things intrusion detection systems. Sustainability 14(14): 1–21.

39.

Mishra

Pandey

Singh

, et al. (2019) Descriptive statistics and normality tests for statistical data. Ann Card Anaesth 22(1): 67–72.

40.

Mohy-eddine

Guezzaz

Benkirane

, et al. (2024) Malicious detection model with artificial neural network in IoT-based smart farming security. Cluster Comput 5. doi: https://doi.org/10.1007/s10586-024-04334-5.

41.

Nawi

Atomi

Rehman

(2013) The effect of data Pre-processing on optimized training of artificial neural networks. Procedia Technol. 11: 32–39.

42.

Patel

Goyal

(2007) Applications of artificial neural networks in medical science. Curr Clin Pharmacol 2(3): 217–226.

43.

Potdar

(2017) A comparative study of categorical variable encoding techniques for neural network classifiers. Int J Comput Appl 175(4): 7–9.

44.

Prakash

Mohamadabbas

Meghana

, et al. (2025) Improved multiview graph convolutional network for threat detection in internet of things-based smart farming systems. Int Conf Intell Syst Comput Netw, ICISCN 2025: 1–5.

45.

Prasad

Kan

M-Y

. Dataset mention extraction and classification. In: Proceedings of the Workshop on Extracting Structured Knowledge from Scientific Publications, 2019, pp. 31–36. doi: https://doi.org/10.18653/v1/W19-2604.

46.

Raghuvanshi

, Singh UK, Sajja GS,

et al. (2022) Intrusion detection using machine learning for risk mitigation in IoT-enabled smart irrigation in smart farming. J Food Qual 2022. doi: https://doi.org/10.1155/2022/3955514.

47.

Saabith

(2014) Comparative study on different classification techniques for. Int J Comput Sci Mob Comput 3(10): 185–191.

48.

Sajja

Mustafa

Ponnusamy

, et al. (2021) Machine learning algorithms in intrusion detection and classification. Ann Rom Soc Cell Biol 25(6): 12211–12219. [Online]. Available: http://annalsofrscb.ro/index.php/journal/article/view/7837.

49.

Sayyad

Kumar

Bongale

, et al. (2021) Data-Driven remaining useful life estimation for milling process: Sensors, algorithms, datasets, and future directions. IEEE Access 9: 110255–110286..

50.

Shanmuganathan

(2016) Artificial neural network modelling: An Introduction. Studies in Computational Intelligence: 1–14. doi: https://doi.org/10.1007/978-3-319-28495-8_1.

51.

Shivhare

(Nigam) Saxena

(2021) Breast cancer diagnosis from mammographic images using optimized feature selection and neural network architecture. Int J Imaging Syst Technol 31(1): 253–269.

52.

Singh

(2020) Investigating the impact of data normalization on classification performance. Appl Soft Comput 97: 105524.

53.

Susha Lekshmi

Singh

Shojaei Baghini

(2014) A critical review of soil moisture measurement. Meas J Int Meas Confed 54: 92–105.

54.

Talukder

Hipel

vanLoon

(2017) Developing composite indicators for agricultural sustainability assessment: Effect of normalization and aggregation techniques. Resources 6(4): 66.

55.

Tembusai

Mawengkang

Zarlis

(2021) K-nearest neighbor with K-fold cross validation and analytic hierarchy process on data classification. Int J Adv Data Inf Syst 2(1). doi: https://doi.org/10.25008/ijadis.v2i1.1204.

56.

Tharwat

(2018) Classification assessment methods. Appl Comput Inform 17(1): 168–192.

57.

Thirstrup

Deleebeeck

(2021) Review on electrolytic conductivity sensors. IEEE Trans Instrum Meas 70: 1–22.

58.

Upendran

Gopinath

(2020) Optimization based classification technique for intrusion detection system. Int J Adv September 2020. doi: https://doi.org/10.34218/IJARET.11.9.2020.124.

59.

Vergara

Estévez

(2014) A review of feature selection methods based on mutual information. Neural Comput Appl 24(1): 175–186.

60.

Verma

Ranga

(2020) Machine learning based intrusion detection systems for IoT applications. Wirel Pers Commun 111(4): 2287–2310.

61.

Wei

, et al. (2024) CatBoost-based intrusion detection method for the physical layer of smart agriculture. ITM Web Conf 60: 00009.

62.

Yamori

Levine

Mattson

, et al. (2022) Optimum root zone temperature of photosynthesis and plant growth depends on air temperature in lettuce plants. Plant Mol Biol 110(4–5): 385–395.

63.

Zhou

Zou

Zhou

, et al. (2025) CBCTL-IDS: A transfer learning-based intrusion detection system optimized with the black kite algorithm for IoT-enabled smart agriculture. IEEE Access February: 46601–46615.

64.

Zidi

Ben Abdellafou

Aljuhani

, et al. (2024) Novel intrusion detection system based on a downsized kernel method for cybersecurity in smart agriculture. Eng Appl Artif Intell 133(PF): 108579.

65.

Zivkovic

Tair

Venkatachalam

, et al. (2022) Novel hybrid fireﬂy algorithm: An application to enhance XGBoost tuning for intrusion detection classification. PeerJ Comput Sci 8: 1–38.

Shallow ANN				Deep ANN
with feature selection		Without feature selection		with feature selection		Without feature selection
Training Time (s)	Testing Time (s)	Training Time (s)	Testing Time (s)	Training Time (s)	Testing Time (s)	Training Time (s)	Testing Time (s)
2523.53	0.85	2551.64	0.92	3048.27	0.87	3067.32	0.99

A hybrid feature selection method for anomaly detection using shallow and deep ANN classifiers in smart farming

Abstract

Keywords

1. Introduction

2. Related work

3.2. Condition monitoring system

3.3. Central system

5.1. Existing feature selection methods

5.1.1. Chi-square

6.1. Feature importance analysis

Footnotes

ORCID iD

Author contributions

Funding

Declaration of conflicting interests

Data availability statement

References