Network security analysis using machine learning-based intrusion detection system methods

Authors

  • Arief Sutarjo, Universitas Medan Area, Medan, Indonesia
  • Helmy Fahlephi, Universitas Medan Area, Medan, Indonesia

Keywords:

Cybersecurity, Intrusion Detection System, Machine Learning, Network Security, Threat Detection

Abstract

The increasing complexity of modern networks has heightened the risk of cyberattacks, necessitating advanced intrusion detection systems (IDS) capable of identifying and mitigating threats in real time. This study presents a comprehensive analysis of network security using machine learning-based IDS methods. Various supervised and unsupervised algorithms, including Decision Trees, Random Forest, Support Vector Machines, and k-Means clustering, were evaluated for their effectiveness in detecting malicious activities. Network traffic datasets, such as NSL-KDD and CICIDS2017, were preprocessed and feature-engineered to enhance detection accuracy. Five performance metrics (accuracy, precision, recall, F1-score, and detection rate) were used to assess each model. The results demonstrate that ensemble-based approaches achieved superior detection performance, particularly in identifying novel attack patterns while minimizing false positives. This research highlights the potential of machine learning in developing adaptive, scalable, and efficient IDS solutions, contributing to stronger network defense mechanisms against evolving cyber threats. The findings offer valuable insights for designing intelligent, automated network security systems in diverse operational environments.

Published

2024-04-28

How to Cite

Network security analysis using machine learning-based intrusion detection system methods. (2024). Applied Tech & Engineering Studies, 1(2), 57-62. https://pub.muzulab.com/index.php/ATES/article/view/75
