An optimized ensemble prediction model using AutoML based on soft voting classifier for network intrusion detection

Abstract

Traditional ML based IDS cannot handle high-speed and ever-evolving attacks. Furthermore, these traditional IDS face several common challenges, such as processing large amounts of network profiling data, low accuracy and detection rates, and data imbalance. Therefore, there is an immense demand for a security system for multi-purpose network applications to mitigate intrusion in network profiling data to protect users’ privacy and property across the Internet. This study presents an OE-IDS model using AutoML based on a soft voting method for detecting intrusion in the network environment. The proposed study uses an AutoML framework to select optimal supervised classifiers for developing an optimal ensemble strategy using a soft voting method to maximize accuracy and minimize false alarm rates. Furthermore, our proposed study uses different sampling methods to extend data to solve the problem of data imbalance and minority classes. In addition, our proposed OE-IDS is validated using two benchmark datasets, such as UNSWNB15 and CICIDS2017, to achieve a higher detection rate. Both original and re-sampled data samples are considered to validate the proposed OE-IDS to ensure the generalizability and stability of the proposed OE-IDS model. The performance assessment shows that the proposed OE-IDS model detects intrusions with high accuracy in the network intrusion environment. The detection rate of the OE-IDS model based on reduced features set for UNSWNB15 and CICIDS2017 is 0.98% and 0.973%, respectively. Moreover, our proposed model is compared with conventional ML-based IDS; it is found that our proposed OE-IDS has produced higher accuracy and better detection rate.