Evaluating Single-Model and Ensemble-Based Intrusion on the CIC-IDS2017 Dataset

Dharavath Sravani
Dept. of CSE RGUKT Basar, India
sravanidharavath332@gmail.com
Chirra Sanjana
Dept. of CSE RGUKT Basar, India
chirrasanjana24@gmail.com

Myaka Ramya Sri
Dept. of CSE RGUKT Basar, India
myakaramyasri@gmail.com

Abstract—The increasing trend of relying on internet-based systems has significantly enhanced the risks of cybersecurity attacks, making network security an essential requirement. Intrusion Detection Systems (IDS) are critical for identifying malicious network behaviors to prevent cyber attacks. Conven- tional methods of using signature-basedintrusion detection have limited capabilities to detect unknown attacks.  Machine learning algorithms are prone to various problems such asoverfitting, high false positive rates, and poor performance while handling high-dimensional data.In this context, this paper suggests a hybrid intrusion detec- tion systembased on machine learning and ensemble learning techniques. The system uses various supervised machine learn- ing algorithms to learn from network traffic data. Ensemble techniques are used to enhance the overall detection capabilities of the system by utilizing the advantages of various machine learning algorithms. The suggested system uses acombination of Random Forest as a bagging technique, Gradient  Boosting as a boosting technique to enhance sequential learning, and stacking to integrate the results of various base classifiers using a meta classifier. Feature selection techniques are used to remove redundant features to enhance the efficiency of the system. Data balancing techniques such as Synthetic Minority Oversampling Technique (SMOTE) and undersampling are used to handle class imbalanceproblems