The Adaptive Ensemble Learning-Based Intrusion Detection System for Enhanced Cybersecurity in Networked Environments

With more threats becoming more advanced and more attacks occurring, cybersecurity is now more important than it’s ever been. Not all traditional IDS with signatures can prevent or detect new, clever and never-seen-before problems. Therefore, the work introduces an updated IDS structure with Adaptive Boosting which brings together several weak IDS methods to strengthen the overall system. With support from the Decision Tree Regressor and the NSL-KDD dataset, our model is developed to identify traffic as either safe or belonging to Denial of Service (DoS), Probe, Remote-to-Local (R2L) or User to Root (U2R) attacks. NSL-KDD is chosen for benchmarking over KDD’99 because it preserves more diversity in the attack types and cuts back on repeated data. The model was supported in learning and applying information by performing pre-processing, choosing which features to use and normalizing the data. Accuracy, precision, recall, F1-score and Area Under the Curve (AUC) were used by experts to analyse the model. From what we see, AdaBoost-based IDS brings much better results than standard techniques such as LR, SVM and RF, with accuracy near 100% and very few wrong alerts. Since the system detects threats effectively and is very tough, it is used today to spot and avoid hazards in online networks.