Network Intrusion Detection System using Stacked Ensemble Model with SVM SMOTE oversampling and Recursive Feature Elimination

Article Sidebar

Published: Apr 30, 2025
Keywords:
Intrusion Detection System Ensemble Machine Learning Support Vector Machine Synthetic Minority Oversampling Technique Local Outlier Factor Recursive Feature Elimination Robust Scaler

Main Article Content

Anil Kumar Dasari*
Research Scholar, Department of Computer Science and Engineering, National Institute of Technology Silchar, Assam, India
Dr.Saroj Kumar Biswas
Associate Professor, Department of Computer Science and Engineering, National Institute of Technology Silchar, Assam, India
Prof.Biswajit Purkayastha
Professor, Department of Computer Science and Engineering, National Institute of Technology Silchar, Assam, India
Md Sajjad Hossain
PG Scholar, Department of Computer Science and Engineering, National Institute of Technology Silchar, Assam, India

Abstract

Intrusion Detection Systems (IDS) are essential for safeguarding networks against malicious activities, but traditional IDS models struggle with challenges such as class imbalance, high false alarm rates, and poor generalization. While machine learning (ML)-based IDS offer improvements, single classifier models suffer from bias, variance, and limited robustness. To address these limitations, this study proposes a Non-evolutionary Feature Selection-based Network Intrusion Detection System using Stacked Ensemble Learning (NFSNIDS). The proposed workflow begins with data preprocessing, where SVM SMOTE oversampling balances class distribution, Local Outlier Factor (LOF) outlier detection removes anomalies, Recursive Feature Elimination (RFE) selects relevant features, and Robust Scaler ensures effective data normalization. The processed data is then fed into a Stacked Ensemble Learning model comprising Extreme Gradient Boosting (XGB) and Extra Trees (ET) as base classifiers. Their outputs are used to create a new training set for a meta-classifier, which is trained using Logistic Regression to enhance predictive performance. The model is validated using 10-fold cross-validation, with Accuracy and F1-score as key performance metrics. Comparative evaluations against single classifiers, existing ensemble models, and benchmark IDS solutions confirm that NFSNIDS consistently outperforms all alternatives, making it a highly effective and robust approach for network intrusion detection.
 

Article Details

Issue
Vol. 167 No. A2 (S) (2025): Technologies and Their Effects on Real-Time Social Development
Section
Articles
Author Biography

Dr.Saroj Kumar Biswas, Associate Professor, Department of Computer Science and Engineering, National Institute of Technology Silchar, Assam, India

Intrusion Detection Systems (IDS) are essential for safeguarding networks against malicious activities, but traditional IDS models struggle with challenges such as class imbalance, high false alarm rates, and poor generalization. While machine learning (ML)-based IDS offer improvements, single classifier models suffer from bias, variance, and limited robustness. To address these limitations, this study proposes a Non-evolutionary Feature Selection-based Network Intrusion Detection System using Stacked Ensemble Learning (NFSNIDS). The proposed workflow begins with data preprocessing, where SVM SMOTE oversampling balances class distribution, Local Outlier Factor (LOF) outlier detection removes anomalies, Recursive Feature Elimination (RFE) selects relevant features, and Robust Scaler ensures effective data normalization. The processed data is then fed into a Stacked Ensemble Learning model comprising Extreme Gradient Boosting (XGB) and Extra Trees (ET) as base classifiers. Their outputs are used to create a new training set for a meta-classifier, which is trained using Logistic Regression to enhance predictive performance. The model is validated using 10-fold cross-validation, with Accuracy and F1-score as key performance metrics. Comparative evaluations against single classifiers, existing ensemble models, and benchmark IDS solutions confirm that NFSNIDS consistently outperforms all alternatives, making it a highly effective and robust approach for network intrusion detection.

References

Michał Woźniak, Manuel Graña, Emilio Corchado. "A survey of multiple classifier systems as hybrid systems." Information Fusion, March 2014.

Conti, Mauro, et al. "Internet of Things security and forensics: Challenges and opportunities." Future Generation Computer Systems 78 (2018): 544-546.

Asaf Shabtai, Robert Moskovitch, Yuval Elovici, Chanan Glezer. "Detection of malicious code by applying machine learning classifiers on static features: A state-of-the-art survey." Information Security Technical Report, February 2009.

Moustafa N, Turnbull B, Choo KKR (2019) An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of internet of things. IEEE Internet of Things Journal 6(3):4815–4830

Giorgio Giacinto, Roberto Perdisci, Mauro Del Rio, Fabio Roli. "Intrusion detection in computer networks by a modular ensemble of one-class classifiers." Information Fusion, January 2008.

P. Arun Raj Kumar, S. Selvakumar. "Distributed denial of service attack detection using an ensemble of neural classifier." Computer Communications, July 2011.

Pajouh, Hamed Haddad, et al. "A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in IoT backbone networks." IEEE Transactions on Emerging Topics in Computing 7.2 (2016): 314-323.

Hossain, Md Alamgir, and Md Saiful Islam. "Ensuring network security with a robust intrusion detection system using ensemble-based machine learning." Array 19 (2023): 100306.

Kim, H., et al. (2022). Intrusion Detection Using Signature-Based and Anomaly-Based Approaches. IEEE Access, 9, 112312-112325.

Chen, L., et al. (2023). Machine Learning for Network Security: A Comprehensive Survey. IEEE Transactions on Information Forensics and Security, 18, 245-260.

Sharma, P., & Gupta, R. (2023). Comparison of Machine Learning Classifiers for IDS. IEEE Transactions on Dependable and Secure Computing, 20(1), 55-67.

Li, J., et al. (2023). Boosting vs. Bagging for Network Intrusion Detection: A Performance Analysis. Computers & Security, 45, 678-690.

Bhati, B. S., et al. (2023). Random Forest and XGBoost for Intrusion Detection: A Comparative Study. Cybersecurity & Privacy Journal, 19(1), 74-89.

Abbas, A., et al. (2022). Advances in Ensemble-Based Intrusion Detection Systems. Journal of Network and Computer Applications, 56, 501-515.

Kannari, Phanindra Reddy, Noorullah Shariff Chowdary, and Rajkumar Laxmikanth Biradar. "An anomaly-based intrusion detection system using recursive feature elimination technique for improved attack detection." Theoretical Computer Science 931 (2022): 56-64.

Elreedy, Dina, and Amir F. Atiya. "A comprehensive analysis of synthetic minority oversampling technique (SMOTE) for handling class imbalance." Information Sciences 505 (2019): 32-64.

Sharma, Neha V., and Narendra Singh Yadav. "An optimal intrusion detection system using recursive feature elimination and ensemble of classifiers." Microprocessors and Microsystems 85 (2021): 104293.

Abbas, Adeel, et al. "A new ensemble-based intrusion detection system for internet of things." Arabian Journal for Science and Engineering (2021): 1-15.

Sharma, Jivitesh, et al. "Multi-layer intrusion detection system with ExtraTrees feature selection, extreme learning machine ensemble, and softmax aggregation." EURASIP Journal on Information Security 2019.1 (2019): 1-16.

Wongvorachan, Tarid, Surina He, and Okan Bulut. "A comparison of undersampling, oversampling, and SMOTE methods for dealing with imbalanced classification in educational data mining." Information 14.1 (2023): 54.

Tama, Bayu Adhi, and Kyung-Hyune Rhee. "HFSTE: Hybrid feature selections and tree-based classifiers ensemble for intrusion detection system." IEICE TRANSACTIONS on Information and Systems 100.8 (2017): 1729-1737.

Li, Jie, et al. "Machine learning algorithms for network intrusion detection." AI in Cybersecurity (2019): 151-179.

T. Das, O. A. Hamdan, R. M. Shukla, S. Sengupta and E. Arslan, "UNR-IDD: Intrusion Detection Dataset using Network Port Statistics," 2023 IEEE 20th Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 2023, pp. 497-500, doi: 10.1109/CCNC51644.2023.10059640.

Turukmane, Anil V., and Ramkumar Devendiran. "M-MultiSVM: An efficient feature selection assisted network intrusion detection system using machine learning." Computers & Security 137 (2024): 103587.

Srinivasa Sai Abhijit Challapalli. Sentiment Analysis of the Twitter Dataset for the Prediction of Sentiments. Journal of Sensors, IoT & Health Sciences, 2.4(2024), 1-15.

Widodo, Akdeas Oktanae, Bambang Setiawan, and Rarasmaya Indraswari. "Machine Learning-Based Intrusion Detection on Multi-Class Imbalanced Dataset Using SMOTE." Procedia Computer Science 234 (2024): 578-583.

Kudithipudi, Swarnalatha, et al. "Evaluating the Efficacy of Resampling Techniques in Addressing Class Imbalance for Network Intrusion Detection Systems Using Support Vector Machines." Journal homepage: http://iieta. org/journals/isi 28.5 (2023): 1229-1236.

Kasetti, . S., & Korra, S. Multimedia Data Transmission with Secure Routing in M-IOT-based Data Transmission using Deep Learning Architecture. Journal of Computer Allied Intelligence (, 1.1(2023), 1-13.

Sikder, Md Nazmul Kabir, and Feras A. Batarseh. "Outlier detection using AI: a survey." AI Assurance (2023): 231-291.

Al-Shehari, Taher, et al. "Enhancing Insider Threat Detection in Imbalanced Cybersecurity Settings Using the Density-Based Local Outlier Factor Algorithm." IEEE Access (2024).

ELhadad, Rawan, Yi-Fei Tan, and Wooi-Nee Tan. "Comparison of Enhanced Isolation Forest and Enhanced Local Outlier Factor in Anomalous Power Consumption Labelling." 2023 IEEE 3rd International Conference in Power Engineering Applications (ICPEA). IEEE, 2023.

B.Ashok Kumar, K.Vijayachandra, G.Naveen Kumar, & V.N.Lakshmana Kumar. Blockchain Technology Communication Technology Model for the IoT. Journal of Computer Allied Intelligence, 2(2024), 20-35.

Lian, Wenjuan, et al. "An intrusion detection method based on decision tree-recursive feature elimination in ensemble learning." Mathematical Problems in Engineering 2020 (2020): 1-15.

Srinivasa Sai Abhijit Challapalli. Optimizing Dallas-Fort Worth Bus Transportation System Using Any Logic. Journal of Sensors, IoT & Health Sciences, 2.4(2024), 40-55.

Siddiqi, M. A., and W. Pak. "An agile approach to identify single and hybrid normalization for enhancing machine learning-based network intrusion detection." IEEE Access 9 (2021): 137494-137513.

Vermeulen, A.F. Unsupervised Learning: Deep Learning. In Industrial Machine Learning; Apress: Berkeley, CA, USA, 2020; pp. 225–241. ISBN 978-1-4842-5315-1.

Bhattacharya, Sweta, et al. "A novel PCA-firefly based XGBoost classification model for intrusion detection in networks using GPU." Electronics 9.2 (2020): 219.

Kharwar, Ankit, and Devendra Thakor. "A hybrid approach for feature selection using SFS with extra-tree and classification using AdaBoost with extra-tree." International Journal of Ad Hoc and Ubiquitous Computing 43.3 (2023): 144-157.

Kharwar, Ankit Rajeshkumar, and Devendra V. Thakor. "An ensemble approach for feature selection and classification in intrusion detection using extra-tree algorithm." International Journal of Information Security and Privacy (IJISP) 16.1 (2022): 1-21.

Bhati, B. S., et al. (2023). Performance Evaluation of Tree-Based Classifiers in IDS. IEEE Transactions on Emerging Topics in Computational Intelligence, 8(1), 67-78