Adaptive Intrusion Detection System with Ensemble Classifiers for Handling Imbalanced Datasets and Dynamic Network Traffic

Almania, Moaad and Zainal, Anazida and Ghaleb, Fuad A. and Alnawasrah, Ahmad and Al Qerom, Mahmoud (2025) Adaptive Intrusion Detection System with Ensemble Classifiers for Handling Imbalanced Datasets and Dynamic Network Traffic. Journal of Robotics and Control (JRC), 6 (1). pp. 114-123. ISSN 2715-5056

[thumbnail of 23648-Article Text-91733-1-10-20250110.pdf]
Preview
 Text
23648-Article Text-91733-1-10-20250110.pdf - Accepted Version
Available under License Creative Commons Attribution Share Alike.
Download (477kB)

Abstract

Intrusion Detection Systems (IDS) are crucial for network security, but their effectiveness often diminishes in dynamic environments due to outdated models and imbalanced datasets. This paper presents a novel Adaptive Intrusion Detection System (AIDS) that addresses these challenges by incorporating ensemble classifiers and dynamic retraining. The AIDS model integrates K-Nearest Neighbors (KNN), Fuzzy c-means clustering, and weight mapping to improve detection accuracy and adaptability to evolving network traffic. The system dynamically updates its reference model based on the severity of changes in network traffic, enabling more accurate and timely detection of cyber threats. To mitigate the effects of imbalanced datasets, ensemble classifiers, including Decision Tree (DT) and Random Forest (RF), are employed, resulting in significant performance improvements. Experimental results show that the proposed model achieves an overall accuracy of 97.7% and a false alarm rate (FAR) of 2.0%, outperforming traditional IDS models. Additionally, the study explores the impact of various retraining thresholds and demonstrates the model's robustness in handling both common and rare attack types. A comparative analysis with existing IDS models highlights the advantages of the AIDS model, particularly in dynamic and imbalanced network environments. The findings suggest that the AIDS model offers a promising solution for real-time IDS applications, with potential for further enhancements in scalability and computational efficiency.

Item Type: Article
Identification Number: 10.18196/jrc.v6i1.23648
Dates:
Date
Event
10 January 2025
Accepted
10 January 2025
Published Online
Uncontrolled Keywords: Regulated Adaptive IDS, IDS, KNN, Adaptive Intrusion Detection System
Subjects: CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science
Divisions: Architecture, Built Environment, Computing and Engineering > Computer Science
Depositing User: Gemma Tonks
Date Deposited: 06 Aug 2025 13:26
Last Modified: 06 Aug 2025 13:26
URI: https://www.open-access.bcu.ac.uk/id/eprint/16578

Actions (login required)

View Item View Item
Tools
CORE (COnnecting REpositories)

Research

In this section...