A Hybridized Data Mining Technique for Enhanced Network Intrusion Detection Performance

Abstract

Conventional intrusion detection systems (IDS) are no longer efficient enough to recognize newly designed cyber-attacks because of increasing complexities and amount of network traffic data. A more effective approach for Data Mining (DM) is required for cybersecurity applications, although individual Data Mining strategies were sufficient for intrusion detection systems previously. In order to enhance precision and malleability for network intrusion detection systems (NIDS), this paper proposes a hybrid strategy for data mining using “CIC IDS2017” dataset downloaded from Kaggle. This hybrid approach uses ensemble learning to increase classification efficiency by unifying the “Adaptive Boosting” approach strengths and the “C4.5 Decision Tree” algorithm technique concepts. Data preprocessing techniques, Label Encoding techniques, and classifiers belonging to the “Supervised Classification” category stood as key components of this strategy approach. Its efficiency is assessed using standard metrics. This proposed hybrid strategy approach resulted in near-perfect performance on its testing approach by generating 317,937 “True Positives” values, having “4” “False Positives” values, and having “Accuracy” of 99.9%. The performance of “C4.5 Classifier” approach also resulted in generation of 317,938 “True Positives” values having “5” “False Positives” values having “Precision” “Recall” “and F1-score” measures recorded at 99.9%. “Adaptive Boost” approach resulted in “317,185” “True Positives” values having “287” “False Positives” values having “Accuracy” “Precision” “Recall” “and F1-score” “values at “99.7%” “99.8%” “99.5%”, “and 99.7%”. This enhances development efforts of “intelligent” “cybersecurity” “systems” by applying “Deep” “Learning” “concept” further emphasizing “Data” “Mining” application for “network” “enhancements” to remain efficient