Development and Evaluation of a Hybrid Machine Learning-Based Intrusion Detection System Using NSL-KDD Dataset

Authors

DOI:

https://doi.org/10.56919/usci.2433.030

Keywords:

Feature selection, cybersecurity, deep learning, machine learning, intrusion detection system/intrusion protection system, optimization, anomaly detection

Abstract

Study’s Excerpt

  • A Hybrid-Based Intrusion Detection System (IDS) that combines anomaly detection and signature-based techniques is introduced.
  • Using various metrics, the system optimizes network settings, thereby addressing the zero-day attack detection issue.
  • The system demonstrates an accuracy of 99.73% and a false positive rate of 0.065 on the NSL-KDD benchmark dataset.

Full Abstract

The growth of IoT devices has increased the number of attack surfaces, such as firmware, sensitive data in physical interfaces, and default settings. Intrusion Detection Systems (IDSs) in networks are used to alert network administrators to critical issues. Zero-day attack detection is an important research topic in the field of malicious traffic identification. Current methods rely on Machine Learning (ML) approaches for IDSs; nevertheless, the efficacy of these methods depends on the feature learning procedure, which is still an unresolved problem. Consequently, in this article, a Hybrid-Based IDS was implemented, with various metrics used to optimise the network settings. In the simulation, the Network Security Laboratory – Knowledge Discovery Dataset (NSL-KDD) benchmark dataset was employed, together with measures including accuracy, recall, False Positive Rate (FPR), True Positive Rate (TPR), and other aligned metrics. The paper presents a hybrid IDS combining anomaly detection and signature-based techniques, using machine learning models such as Random Forest and Support Vector Machines. Our model achieved an accuracy of 99.73% and a false positive rate of 0.065, outperforming the existing methods of Hadeel et al. (2024) and demonstrating its potential for real-world application. We also ran a comparison study with other current approaches, and the findings show that the suggested IDS scheme is effective in real-world cybersecurity scenarios. For future investigations, it is proposed that the Ensemble approach and real-time implementation be used, which will allow the model to continue operating in real-time circumstances.

 

References

Adnan, M. M., Venugopal, D., & Shiva, S. G. (2020). Comparative analysis of ML classifiers for network intrusion detection. Journal of Comparative Analysis, 1027, 193–207. https://doi.org/10.1007/978-981-32-9343-4_16

Ahmad, R., Alsmadi, I. A., Wasim, A., & Tawalbeh, L. (2022). A comprehensive deep learning benchmark for IoT IDS. Journal of Computer and Security, 114, 102588. https://doi.org/10.1016/j.cose.2021.102588

Ahmad, R., Alsamadi, I., Alhamdani, W., & Tawalbeh, L. (2022). A deep learning ensemble approach to detecting unknown network attacks. Journal of Information Security and Applications, 67, 103196. https://doi.org/10.1016/j.jisa.2022.103196

Alimgeer, K., Yuanqing, G., Ameer, M., Tayyab, P., & Khurrum, D. (2022). Hybrid of WOA-ABC and proposed CNN for intrusion detection system in wireless sensor network. Journal of Sensor and Network, 101, 42–67. https://doi.org/10.1016/j.comcom.2022.10.67

Duy, P. T., Tien, L. K., Khoa, N. H., Hien, D. T. T., Ngyen, A. G., & Pham, V. (2021). DIGFuPAS: Deceive IDS with GAN and function-preserving on adversarial samples in SDN-enabled networks. Journal of Computer and Security, 109, 102367. https://doi.org/10.1016/j.cose.2021.102367

Esra, A., Mohammed, A. A., & Ahmed, A. (2024). Anomaly detection IDS for detecting DoS attacks in IoT networks based on machine learning algorithms. Sensors, 24(2), 713. https://doi.org/10.1001/j.comcom.2024.10.713

Jing, C. Y., Hongwei, L., Shuo, S., Futai, Z., & Yue, W. (2022). FS-IDS: A framework for intrusion detection based on few-shot learning. Journal of Computer and Security, 122, 102899. https://doi.org/10.1016/j.cose.2022.102899

Lirim, A., & Cihan, D. (2021). Network intrusion detection system using deep learning. Procedia Computer Science, 185, 239–247. https://doi.org/10.1016/j.procs.2021.05.025

Hadeel, Q. G., & Wathiq, L. A. (2024). e-Prime-Advances in Electrical Engineering, Electronics and Energy. Journal of Computer Network, 9, 100673. https://doi.org/10.2287/s9100673

Henry, A., Gautam, S., Samrat, K., Rabie, K., Shongwe, T., Bhattacharya, P., Sharma, B., & Chowdhury, S. (2023). Composition of hybrid deep learning model and feature optimization for intrusion detection system. Journal of Sensors, 23, 890. https://doi.org/10.3390/s23020890

Huang, S., & Lei, K. (2020). IGAN-IDS: An imbalanced generative adversarial network towards intrusion detection system in ad-hoc networks. Journal of Ad hoc Network, 105, 102177. https://doi.org/10.1016/j.adhoc.2020.102177

Jayrajsinh, Z., Panchal, A., Thakkar, A., Prajapati, B., & Puvar, P. (2020). Intrusion detection system using machine learning. Journal of Computer Security, 12, 61–71. https://doi.org/10.32628/cseit2062166

Mohamed, A. E., Mohammed, A. A., Abdelghani, D., Ibrahim, R. A., & Ahmed, A. A. (2023). Intrusion detection approach for cloud and IoT environments using deep learning and Capuchin Search Algorithm. Journal of Advances in Engineering Software, 176, 103402. https://doi.org/10.1016/j.advengsoft.2022.103402

Mehdi, E., Ali, F., Abdulreza, M., & Zahra, T. (2022). ITL-IDS: Incremental transfer learning for intrusion detection system. Journal of Knowledge-Base System, 253, 68–69. https://doi.org/10.1016/j.knosys.2022.109542

Mohammed, A. D., Youcef, D., Mebarek, B., Abdelkader, O., & Hasan, A. (2023). Convolutional neural network-based high-precision and speed detection system on CIDDS-001. Journal of Data and Knowledge Engineering, 144, 02130. https://doi.org/10.1016/j.datak.2022.102130

Saveetha, D., & Maragatham, G. (2022). Design of blockchain enabled intrusion detection model for detecting security attacks using deep learning. Journal of Pattern Recognition Letters, 153, 24–28. https://doi.org/10.1016/j.patrec.2021.11.023

Sung, J., Ying-Chin, C., Chit-Jie, C., Chih-Lung, C., Thu-Nguyet, H., & Chung-Wei, K. (2022). CoNN-IDS: Intrusion detection system based on collaborative neural networks and agile training. Journal of Computer and Security, 122, 102908. https://doi.org/10.1016/j.cose.2022.102908

Sidharth, M., & Sharma, P. (2019). Intrusion detection using machine learning and feature selection. Journal of Feature Selection, 11(4), 43–52. https://doi.org/10.5815/ijcnis.2019.04.06

Taher, K. A., Mohammed Yasin Jisan, B., & Rahman, M. M. (2019). Network intrusion detection using supervised machine learning technique with feature selection. 1st International Conference (ICREST), 643–646. https://doi.org/10.1109/ICREST.2019.8644161

Unal, C. (2019). A new hybrid approach for Intrusion Detection using Machine Learning Methods. Applied Intelligence, 49(7), 2735–2761. https://doi.org/10.1007/s10489-018-01408-x

Published

2024-09-16

How to Cite

Olugbenga, O. E. M., Kolajo, T., & Babatunde, J. A. (2024). Development and Evaluation of a Hybrid Machine Learning-Based Intrusion Detection System Using NSL-KDD Dataset. UMYU Scientifica, 3(3), 277–283. https://doi.org/10.56919/usci.2433.030