The next generation in the electricity grid develops an Advanced Metering Infrastructure (AMI) with bi-directional communication. The Internet of Things (IoT) supports AMI to collect data from smart meters and identify the energy consumption pattern of consumers. A widely applied IoT routing protocol in AMI is Routing Protocol for Low-Power and Lossy Networks (RPL). The RPL protocol plays a vital role in ensuring a timely and reliable communication service on AMI. However, several factors affect the reliability of RPL in AMI, and those factors are security, delay, and unequal energy consumption between smart meters. To solve such issues, the Random Forest based Intrusion Detection System (IDS) (RFIDS) is designed for AMI. The proposed RF-IDS takes into account the results of offline traffic analysis using RF. However, it is insufficient to improve the RPL reliability since the design of RPL based only on offline traffic analysis does not necessarily mean that the designed protocol does not perform well online. Rather, the proposed IDS exploits an offline evaluation can be a first step to decide a security measure against several routing metrics. After offline traffic analysis, the RF-IDS can perform online traffic analysis to obtain delay and energy-related metrics. The offline traffic analysis process in RF-IDS selects an important feature set of the RPL protocol and improves the performance of RF over AMI. Moreover, the RF-IDS attempts to improve AMI communication reliability using a balanced energy factor and prolong the lifetime of smart meters in AMI. The efficiency of RF-IDS over AMI in terms of security, reliability, and energy is evaluated using the Cooja simulator.