Affiliation:
1. Department of Computer Science, Iqra University Islamabad, Islamabad 44000, Pakistan
2. Department of Computer Engineering, Jeju National University, Jejusi 63243, Republic of Korea
3. Department of Information Technology, College of Computer and Information Sciences, Princess Nourah bint Abdulrahman University, P.O. Box 84428, Riyadh 11671, Saudi Arabia
Abstract
Intrusion Detection Systems (IDSs) play a crucial role in safeguarding network infrastructures from cyber threats and ensuring the integrity of highly sensitive data. Conventional IDS technologies, although successful in achieving high levels of accuracy, frequently encounter substantial model bias. This bias is primarily caused by imbalances in the data and the lack of relevance of certain features. This study aims to tackle these challenges by proposing an advanced machine learning (ML) based IDS that minimizes misclassification errors and corrects model bias. As a result, the predictive accuracy and generalizability of the IDS are significantly improved. The proposed system employs advanced feature selection techniques, such as Recursive Feature Elimination (RFE), sequential feature selection (SFS), and statistical feature selection, to refine the input feature set and minimize the impact of non-predictive attributes. In addition, this work incorporates data resampling methods such as Synthetic Minority Oversampling Technique and Edited Nearest Neighbor (SMOTE_ENN), Adaptive Synthetic Sampling (ADASYN), and Synthetic Minority Oversampling Technique–Tomek Links (SMOTE_Tomek) to address class imbalance and improve the accuracy of the model. The experimental results indicate that our proposed model, especially when utilizing the random forest (RF) algorithm, surpasses existing models regarding accuracy, precision, recall, and F Score across different data resampling methods. Using the ADASYN resampling method, the RF model achieves an accuracy of 99.9985% for botnet attacks and 99.9777% for Man-in-the-Middle (MITM) attacks, demonstrating the effectiveness of our approach in dealing with imbalanced data distributions. This research not only improves the abilities of IDS to identify botnet and MITM attacks but also provides a scalable and efficient solution that can be used in other areas where data imbalance is a recurring problem. This work has implications beyond IDS, offering valuable insights into using ML techniques in complex real-world scenarios.
Funder
Princess Nourah bint Abdulrahman University, Riyadh, Saudi Arabia
Reference50 articles.
1. Rahman, Z., Haque, M.A., and Aziz, D.A.B. (2023). Internet Usage During and Post COVID-19 Pandemic: A Study on the Students of Information Science and Library Management in the University of Rajshahi, Bangladesh. Libr. Philos. Pract., 1–15. Available online: https://digitalcommons.unl.edu/libphilprac/7621/.
2. Towards insighting cybersecurity for healthcare domains: A comprehensive review of recent practices and trends;Javaid;Cyber Secur. Appl.,2023
3. Cyber security threats: A never-ending challenge for e-commerce;Liu;Front. Psychol.,2022
4. Aswathy, S., and Tyagi, A.K. (2022). Privacy Breaches through Cyber Vulnerabilities: Critical Issues, Open Challenges, and Possible Countermeasures for the Future. Security and Privacy-Preserving Techniques in Wireless Robotics, CRC Press.
5. Network security concepts, dangers, and defense best practical;Arogundade;Comput. Eng. Intell. Syst.,2023