IDEAS home Printed from https://ideas.repec.org/a/gam/jmathe/v12y2024i24p3909-d1541719.html
   My bibliography  Save this article

The Improved Network Intrusion Detection Techniques Using the Feature Engineering Approach with Boosting Classifiers

Author

Listed:
  • Hari Mohan Rai

    (School of Computing, Gachon University, 1342 Seongnam-daero, Sujeong-gu, Seongnam 13120, Republic of Korea)

  • Joon Yoo

    (School of Computing, Gachon University, 1342 Seongnam-daero, Sujeong-gu, Seongnam 13120, Republic of Korea)

  • Saurabh Agarwal

    (Department of Information and Communication Engineering, Yeungnam University, Gyeongsan 38541, Republic of Korea)

Abstract

In the domain of cybersecurity, cyber threats targeting network devices are very crucial. Because of the exponential growth of wireless devices, such as smartphones and portable devices, cyber risks are becoming increasingly frequent and common with the emergence of new types of threats. This makes the automatic and accurate detection of network-based intrusion very essential. In this work, we propose a network-based intrusion detection system utilizing the comprehensive feature engineering approach combined with boosting machine-learning (ML) models. A TCP/IP-based dataset with 25,192 data samples from different protocols has been utilized in our work. To improve the dataset, we used preprocessing methods such as label encoding, correlation analysis, custom label encoding, and iterative label encoding. To improve the model’s accuracy for prediction, we then used a unique feature engineering methodology that included novel feature scaling and random forest-based feature selection techniques. We used three conventional models (NB, LR, and SVC) and four boosting classifiers (CatBoostGBM, LightGBM, HistGradientBoosting, and XGBoost) for classification. The 10-fold cross-validation methods were employed to train each model. After an assessment using numerous metrics, the best-performing model emerged as XGBoost. With mean metric values of 99.54 ± 0.0007 for accuracy, 99.53 ± 0.0013 for precision, 99.54 ± 0.001 for recall, and an F1-score of 99.53 ± 0.0014, the XGBoost model produced the best performance overall. Additionally, we showed the ROC curve for evaluating the model, which demonstrated that all boosting classifiers obtained a perfect AUC value of one. Our suggested methodologies show effectiveness and accuracy in detecting network intrusions, setting the stage for the model to be used in real time. Our method provides a strong defensive measure against malicious intrusions into network infrastructures while cyber threats keep varying.

Suggested Citation

  • Hari Mohan Rai & Joon Yoo & Saurabh Agarwal, 2024. "The Improved Network Intrusion Detection Techniques Using the Feature Engineering Approach with Boosting Classifiers," Mathematics, MDPI, vol. 12(24), pages 1-35, December.
    • Handle: RePEc:gam:jmathe:v:12:y:2024:i:24:p:3909-:d:1541719
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2227-7390/12/24/3909/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/2227-7390/12/24/3909/
    Download Restriction: no
    ---><---

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jmathe:v:12:y:2024:i:24:p:3909-:d:1541719. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.