Open Access

ARTICLE

Performance Analysis of Machine Learning-Based Intrusion Detection with Hybrid Feature Selection

Mohammad Al-Omari¹, Qasem Abu Al-Haija^2,*

1 Department of Business Information Technology, Princess Sumaya University for Technology, Amman, 11941, Jordan
2 Department of Cybersecurity, Faculty of Computer & Information Technology, Jordan University of Science and Technology, Irbid, 22110, Jordan

* Corresponding Author: Qasem Abu Al-Haija. Email:

Computer Systems Science and Engineering 2024, 48(6), 1537-1555. https://doi.org/10.32604/csse.2024.056257

Received 18 July 2024; Accepted 14 September 2024; Issue published 22 November 2024

Abstract

More businesses are deploying powerful Intrusion Detection Systems (IDS) to secure their data and physical assets. Improved cyber-attack detection and prevention in these systems requires machine learning (ML) approaches. This paper examines a cyber-attack prediction system combining feature selection (FS) and ML. Our technique’s foundation was based on Correlation Analysis (CA), Mutual Information (MI), and recursive feature reduction with cross-validation. To optimize the IDS performance, the security features must be carefully selected from multiple-dimensional datasets, and our hybrid FS technique must be extended to validate our methodology using the improved UNSW-NB 15 and TON_IoT datasets. Our technique identified 22 key characteristics in UNSW-NB-15 and 8 in TON_IoT. We evaluated prediction using seven ML methods: Decision Tree (DT), Random Forest (RF), Logistic Regression (LR), Naive Bayes (NB), K-Nearest Neighbors (KNN), Support Vector Machines (SVM), and Multilayer Perceptron (MLP) classifiers. The DT, RF, NB, and MLP classifiers helped our model surpass the competition on both datasets. Therefore, the investigational outcomes of our hybrid model may help IDSs defend business assets from various cyberattack vectors.

---

Keywords

---