A Hard Voting Ensemble Model of the Logistic Regression, Support Vector Machine and Random Forest for Network Intrusion Detection
Abstract
In the rapidly evolving landscape of cybersecurity, the need for robust and efficient intrusion detection systems (IDS) has never been more critical. Real-time network traffic environments are plagued by the challenges posed by traffic routing and complex network behaviours. To this end, this paper proposes four hybrid/ensemble models for detecting intrusions across complex network infrastructures by combining logistic regression (LR), support vector machines (SVM), and random forest (RF). The paper leverages the hard voting ensemble strategy to mix the interpretability of LR, the fusing decision capacity of RF, and the classification efficacy of SVM, in order to enhance detection accuracy and reduce false positive rates. For the experiments on the proposed ensemble models, two standard datasets were acquired, namely KDD Cup 1999 and CSE-CIC-IDS2018, for the training and testing phases after data resampling with the ENN-SMOTE method. The results showed that, on the resampled binary-class dataset (KDD Cup 1999), the SVM-RF model obtains the best accuracy of 99.42%. The highest precision score of 99.94% was computed for the LR-RF model. A recall of 99.01% was attained by the SVMLR-RF model. An F1-score of 99.37% was observed for the SVM-RF model. Similarly, upon ENN-SMOTE resampling of the multi-class dataset (CSE-CIC-IDS2018), an accuracy of 92.06% was achieved by the SVM-RF model. A precision of 99.68% was observed for the SVM-RF model. For recall, the SVMLR-RF model offers the widest margin of 90.76%. An F1-score of 94.73% was recorded for the SVMLR-RF model. The Asymptotic Significance (2-sided test) of 0.043 is less than the p-value threshold at the 5% significance level. The paper established that the ensemble models' performance with the ENN-SMOTE technique was more significant than with RFE for data preprocessing.
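An added example, not code from the paper: hard voting over the two-model and three-model combinations of LR, SVM and RF named in the abstract, run on constructed predictions. The tie rule (smallest label wins) is an assumption; with two voters and labels 0 = normal, 1 = attack, it means an alert is raised only when both models agree.

```python
from collections import Counter
from itertools import combinations

# Constructed sample for 10 flows (0 = normal, 1 = attack).
# Illustrative values only, not results from the paper.
Y_TRUE = [1, 1, 1, 1, 1, 0, 0, 0, 0, 0]
PREDS = {
    "LR":  [1, 1, 0, 0, 1, 0, 1, 0, 0, 0],
    "SVM": [1, 0, 1, 0, 1, 0, 1, 1, 0, 0],
    "RF":  [1, 1, 1, 0, 0, 0, 0, 0, 0, 1],
}

def hard_vote(member_preds):
    """Majority label per sample; ties go to the smallest label (assumed rule)."""
    voted = []
    for votes in zip(*member_preds):
        counts = Counter(votes)
        top = max(counts.values())
        voted.append(min(label for label, n in counts.items() if n == top))
    return voted

def precision_recall(y_true, y_pred, positive=1):
    """Precision and recall for the attack class, guarding against empty denominators."""
    tp = sum(t == positive and p == positive for t, p in zip(y_true, y_pred))
    fp = sum(t != positive and p == positive for t, p in zip(y_true, y_pred))
    fn = sum(t == positive and p != positive for t, p in zip(y_true, y_pred))
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    return precision, recall

def evaluate_ensembles():
    """Score every 2-model and 3-model hard-voting ensemble on the sample."""
    results = {}
    names = sorted(PREDS)
    for size in (2, 3):
        for combo in combinations(names, size):
            y_pred = hard_vote([PREDS[m] for m in combo])
            results["-".join(combo)] = precision_recall(Y_TRUE, y_pred)
    return results

if __name__ == "__main__":
    for name, (p, r) in evaluate_ensembles().items():
        print(f"{name}: precision={p:.2f} recall={r:.2f}")
```

On this sample the two-model ensembles act as an AND gate and miss attacks that only one member catches, while the three-model vote recovers them; whether a pair behaves as AND or OR depends entirely on the tie rule chosen.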
DOI: https://doi.org/10.31449/inf.v49i27.8573

This work is licensed under a Creative Commons Attribution 3.0 License.