Intrusion detection based on ensemble learning for big data classification

The escalating frequency and sophistication of cyber threats pose significant challenges to traditional intrusion detection methods. Signature-based misuse detection, hybrid detection, and anomaly detection, while effective in isolation, often struggle to keep pace with the ever-evolving tactics employed by attackers. This research stems from the pressing need to develop intrusion detection models that offer improved accuracy, adaptability, and robustness in the face of rapidly changing attack vectors. Our study leverages a comprehensive set of experiments conducted on diverse datasets, including N-BaIoT, NSL-KDD, and CICIDS2017. The primary focus is on the evaluation and comparison of machine learning algorithms such as Random Forest, XGBoost, and decision trees. Notably, our research culminates in the development of a hybrid intrusion detection model that combines the strengths of these algorithms. The results of our experiments indicate that the hybrid model, particularly when combining Random Forest and XGBoost, exhibits exceptional accuracy. This approach outperforms individual algorithms, achieving an accuracy rate of 97% in certain cases. We attribute this success to the ensemble learning approach, which capitalizes on the consensus of diverse classifiers. In conclusion, our research not only demonstrates the effectiveness of ensemble learning in enhancing intrusion detection but also underscores the importance of continuous adaptation in the face of evolving threats. By leveraging network traffic data, our hybrid model offers a promising avenue for bolstering intrusion classification in Big Data environments.