Development of a stacked hybrid Decision Tree model leveraging the NSL-KDD dataset

Abstract

Intrusion detection in information technology as well as operational technology networks is highly required in modern day systems due to the increased spate of cyber-attacks in both number and complexity. Anomaly-based intrusion detection systems which have the capacity to detect novel or zero-day attacks are highly employed in this regard. One important component of anomaly-based intrusion detection systems which ensures their behaviour is artificial intelligence in general and machine learning in particular. The burden in modern day cybersecurity research is to investigate and develop models that can outperform existing ones. This paper is aimed at developing a hybrid decision tree model using the stacking ensemble approach. Performances were measured on the basis of recall, precision, accuracy, F1-score, receiver operating characteristics and confusion matrices. The hybrid model presented a precision of 97%, accuracy of 81%, F1-score of 80% and AUC score of 0.96, respectively.