A Dependable Hybrid Machine Learning Model for Network Intrusion Detection

TL;DR

This paper introduces a hybrid machine learning and deep learning model for network intrusion detection that achieves high accuracy and dependability by combining data balancing, feature selection, and benchmarking on multiple datasets.

Contribution

The paper presents a novel hybrid model integrating SMOTE, XGBoost, and deep learning, optimized for accuracy and dependability in network intrusion detection.

Findings

Achieved 99.99% accuracy on KDDCUP'99 dataset.

Achieved 100% accuracy on CIC-MalMem-2022 dataset.

No overfitting or Type-1/Type-2 errors observed.

Abstract

Network intrusion detection systems (NIDSs) play an important role in computer network security. There are several detection mechanisms where anomaly-based automated detection outperforms others significantly. Amid the sophistication and growing number of attacks, dealing with large amounts of data is a recognized issue in the development of anomaly-based NIDS. However, do current models meet the needs of today's networks in terms of required accuracy and dependability? In this research, we propose a new hybrid model that combines machine learning and deep learning to increase detection rates while securing dependability. Our proposed method ensures efficient pre-processing by combining SMOTE for data balancing and XGBoost for feature selection. We compared our developed method to various machine learning and deep learning algorithms to find a more efficient algorithm to implement in the pipeline. Furthermore, we chose the most effective model for network intrusion based on a set of benchmarked performance analysis criteria. Our method produces excellent results when tested on two datasets, KDDCUP'99 and CIC-MalMem-2022, with an accuracy of 99.99% and 100% for KDDCUP'99 and CIC-MalMem-2022, respectively, and no overfitting or Type-1 and Type-2 issues.