A dependable hybrid machine learning model for network intrusion detection

Network intrusion detection systems (NIDSs) play an important role in computer network security. There are several detection mechanisms where anomaly-based automated detection outperforms others significantly. Amid the sophistication and growing number of attacks, dealing with large amounts of data is a recognized issue in the development of anomaly-based NIDS. However, do current models meet the needs of today's networks in terms of required accuracy and dependability? In this research, we propose a new hybrid model that combines machine learning and deep learning to increase detection rates while securing dependability. Our proposed method ensures efficient pre-processing by combining SMOTE for data balancing and XGBoost for feature selection. We compared our developed method to various machine learning and deep learning algorithms in order to find a more efficient algorithm to implement in the pipeline. Furthermore, we chose the most effective model for network intrusion based on a set of benchmarked performance analysis criteria. Our method produces excellent results when tested on two datasets, KDDCUP'99 and CIC-MalMem-2022, with an accuracy of 99.99% and 100% for KDDCUP'99 and CIC-MalMem-2022, respectively, and no overfitting or Type-1 and Type-2 issues.

Automated summary

Network intrusion detection systems (NIDSs) are vital for computer network security, with anomaly-based automated detection mechanisms outperforming others significantly. However, handling large amounts of data remains a challenge for anomaly-based NIDS development. In this research, we propose a hybrid model that combines machine learning and deep learning to enhance detection rates and ensure dependability. Our method employs SMOTE for data balancing and XGBoost for feature selection, resulting in excellent performance on KDDCUP'99 and CIC-MalMem-2022 datasets, achieving accuracy of 99.99% and 100% respectively, without overfitting or Type-1 and Type-2 issues.