Development and Evaluation of a Hybrid Machine Learning-Based Intrusion Detection System Using NSL-KDD Dataset
DOI:
https://doi.org/10.56919/usci.2433.030
Keywords:
Feature selection, cybersecurity, deep learning, machine learning, intrusion detection system/intrusion protection system, optimization, anomaly detection
Abstract
Study’s Excerpt
- A Hybrid-Base Intrusion Detection System (IDS) that combines anomaly detection and signature-based techniques is introduced.
- Using various metrics, the system could optimize network settings, thereby addressing the zero-day attack detection issue.
- The system demonstrates an accuracy of 99.73% and a false positive rate of 0.065 on the NSL-KDD benchmark dataset.
Full Abstract
The growth of IoT devices has resulted in a rise of attack surfaces like firmware, sensitive data in physical interfaces, and default settings. Intrusion Detection Systems (IDSs) in networks are used to alert network administrators to critical issues. Zero-day attack detection is an important topic of research in the field of malicious traffic identification. Current methods rely on Machine Learning (ML) approaches for intrusion detection systems (IDSs); nevertheless, the efficacy of the methodology mechanism is dependent on the feature learning procedure, which is still an unresolved problem. As a consequence, in this article, a Hybrid-Base IDS was implemented, with various metrics used to optimise the network settings. In the simulation, the Network Security Laboratory – Knowledge Discovery Dataset (NSL-KDD) benchmark dataset was employed, as well as measures including accuracy, recall, False Positive Rate (FPR), True Positive Rate (TPR), and other aligned metrics. The paper presents a hybrid intrusion detection system (IDS) combining anomaly detection and signature-based techniques, using machine learning models such as Random Forest and Support Vector Machines. Our model achieved an accuracy of 99.73% and a false positive rate of 0.065, outperforming existing methods of Hadeel et al. (2024) and demonstrating its potential for real-world application. We also ran a comparison study with other current approaches, and the findings show that the suggested IDS scheme is effective in real-world cybersecurity scenarios. For future investigations, it is proposed that the Ensemble approach and real-time implementation be used, which will allow the model to continue operating in real-time circumstances.
References
Adnan, M. M., Venugopal, D., & Shiva, S. G. (2020). Comparative analysis of ML classifiers for network intrusion detection. Journal of Comparative Analysis, 1027, 193–207. https://doi.org/10.1007/978-981-32-9343-4_16
Ahmad, R., Alsmadi, I. A., Wasim, A., & Tawalbeh, L. (2022). A comprehensive deep learning benchmark for IoT IDS. Journal of Computer and Security, 114, 102588. https://doi.org/10.1016/j.cose.2021.102588
Ahmad, R., Alsamadi, I., Alhamdani, W., & Tawalbeh, L. (2022). A deep learning ensemble approach to detecting unknown network attacks. Journal of Information Security and Applications, 67, 103196. https://doi.org/10.1016/j.jisa.2022.103196
Alimgeer, K. Yuanqing, G. Ameer, M. Tayyab P. & Khurrum D. (2022). Hybrid of WOA-ABC and proposed CNN for intrusion detection system in wireless sensor network. Journal of Sensor and Network, 101, 42-67. https://doi.org/10.1016/j.comcom.2022.10.67
Duy, P. T., Tien, L. K., Khoa, N. H., Hien, D. T. T., Ngyen, A. G., & Pham, V. (2021). DIGFuPAS: Deceive IDS with GAN and function-preserving on adversarial samples in SDN-enabled networks. Journal of Computer and Security, 109, 102367. https://doi.org/10.1016/j.cose.2021.102367
Esra, A., Mohammed, A. A., Ahmed, A. (2024). Anomaly detection IDS for detecting DoS attacks in IoT Networks Based on Machine Learning Algorithms. Sensors, 24(2), 713. https://doi.org/10.1001/j.comcom.2024.10.713
Jing C. Y., Hongwei, L., Shuo, S., Futai, Z., & Yue, W. (2022). FS-IDS: A framework for intrusion detection based on few-shot learning. Journal of Computer and Security, 122, 102899. https://doi.org/10.1016/j.cose.2022.102899
Lirim, A., & Cihan, D. (2021). Network intrusion detection system using deep learning. Procedia Computer Science, 185, 239–247. https://doi.org/10.1016/j.procs.2021.05.025
Hadeel, Q. G., & Wathiq, L. A. (2024). e-Prime-Advances in Electrical Engineering, Electronics and Energy. Journal of Computer Network, 9, 100673. https://doi.org/10.2287/s9100673
Henry, A., Gautam, S., Samrat, K., Rabie, K., Shongwe, T., Bhattacharya, P., Sharma, B. & Chowdhury, S. (2023). Composition of hybrid deep learning model and feature optimization for intrusion detection system. Journal of Sensors, 23, 890. https://doi.org/10.3390/s23020890
Huang, S., & Lei, K. (2020). IGAN-IDS: An imbalanced generative adversarial network towards intrusion detection system in ad-hoc networks. Journal of Ad hoc Network, 105, 102177. https://doi.org/10.1016/j.adhoc.2020.102177
Jayrajsinh, Z., Panchal, A., Thakkar, A., Prajapati, B., & Puvar, P. (2020). Intrusion detection system using machine learning. Journal of Computer Security, 12, 61–71. https://doi.org/10.32628/cseit2062166
Mohamed A. E., Mohammed A. A., Abdelghani D., Ibrahim R. A., Ahmed A. A. (2023). Intrusion detection approach for cloud and IoT environments using deep learning and Capuchin Search Algorithm. Journal of Advances in Engineering Software, 176, 103402. https://doi.org/10.1016/j.advengsoft.2022.103402
Mehdi, E., Ali, F., Abdulreza, M. & Zahra, T. (2022). ITL-IDS: incremental transfer learning for intrusion detection system. Journal of Knowledge-Base System, 253, 68-69. https://doi.org/10.1016/j.knosys.2022.109542
Mohammed, A. D., Youcef, D., Mebarek, B., Abdelkader, O., & Hasan, A. (2023). Convolutional neural network-based high-precision and speed detection system on CIDDS-001. Journal of Data and Knowledge Engineering, 144, 02130. https://doi.org/10.1016/j.datak.2022.102130
Saveetha, D. & Maragatham G. (2022). Design of blockchain enabled intrusion detection model for detecting security attacks using deep learning. Journal of Pattern Recognition Letters, 153, 24-28. https://doi.org/10.1016/j.patrec.2021.11.023
Sung J., Ying-Chin C., Chit-Jie C., Chih-Lung, C., Thu-Nguyet, H., & Chung-Wei K. (2022). CoNN-IDS: Intrusion detection system based on collaborative neural networks and agile training. Journal of Computer and Security, 122, 102908. https://doi.org/10.1016/j.cose.2022.102908
Sidharth, M., & Sharma, P. (2019). Intrusion detection using machine learning and feature selection. Journal of Feature Selection, 11(4), 43–52. https://doi.org/10.5815/ijcnis.2019.04.06
Taher, K. A., Mohammed Yasin Jisan, B., & Rahman, M. M. (2019). Network intrusion detection using supervised machine learning technique with feature selection. 1st International Conference (ICREST), 643–646. https://doi.org/10.1109/ICREST.2019.8644161
Unal, C. (2019). A new hybrid approach for Intrusion Detection using Machine Learning Methods. Applied Intelligence, 49(7), 2735–2761. https://doi.org/10.1007/s10489-018-01408-x
License
Copyright (c) 2024 UMYU Scientifica
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.