Hybrid Learning Model for intrusion detection system: A combination of parametric and non-parametric classifiers
The growing digital transformation has increased the need for effective intrusion detection systems. Traditional intrusion detection systems face challenges in accurately classifying complex patterns. To address this issue, this study proposed a Hybrid Learning Model (HLM) that combines both paramet...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Elsevier
2025-01-01
|
| Series: | Alexandria Engineering Journal |
| Subjects: | |
| Online Access: | http://www.sciencedirect.com/science/article/pii/S1110016824012651 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832583123687178240 |
|---|---|
| author | C. Rajathi P. Rukmani |
| author_facet | C. Rajathi P. Rukmani |
| author_sort | C. Rajathi |
| collection | DOAJ |
| description | The growing digital transformation has increased the need for effective intrusion detection systems. Traditional intrusion detection systems face challenges in accurately classifying complex patterns. To address this issue, this study proposed a Hybrid Learning Model (HLM) that combines both parametric and non-parametric classifiers. The proposed HLM consist of two stages: the first stage employs a non-parametric Base Learner (np-BL) to analyze the data patterns and the second stage involves meta-modelling to generalize the overall performance of the model, named the Parametric Meta-Learning (PML) model. The proposed HLM blends the outcomes of np-BL and PML models using a stacking ensemble. As a base learning model K-Nearest Neighbors (KNN), Decision Tree (DT), Random Forest (RF), Gradient Boosting Machine (GBM), and Support Vector Classification with Radial Basis Function (SVC-RBF), are adopted from a non-parametric classifier group. The parametric classifiers Logistic Regression (LR), Naïve Bayes Classifier (NBC), Linear Discriminant Analysis (LDA), Quadratic Discriminant Analysis (QDA) and Support Vector Machine with linear kernel (Linear SVM) were used as meta-models. The HLM, as proposed, enhances the adaptability and robustness of the model by combining non-parametric and parametric models. To evaluate the competence of the proposed HLM, a performance analysis was conducted using the NSL-KDD, UNSW-NB15, and CICIDS2017 datasets. The effectiveness was assessed using various metrics, including classification accuracy, precision, recall, F1-Score (F1), Receiver Operating Characteristic (ROC) curve, Detection Rate (DR), and False Alarm Rate (FAR). The proposed HLM achieves a better accuracy rate across different datasets when compared with the existing models. The achieved accuracies are 99.02 %, 99.98 % and 99.63 % for the NSL-KDD, UNSW-NB15, and CICIDS2017 datasets respectively. Furthermore, the HLM gave a significant reduction in FAR, with values of 0.0126, 0.0001, and 0.0016 for the above-mentioned datasets. |
| format | Article |
| id | doaj-art-d825e0699bb54633ac1cfa7bc91298eb |
| institution | Kabale University |
| issn | 1110-0168 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | Elsevier |
| record_format | Article |
| series | Alexandria Engineering Journal |
| spelling | doaj-art-d825e0699bb54633ac1cfa7bc91298eb2025-01-29T05:00:12ZengElsevierAlexandria Engineering Journal1110-01682025-01-01112384396Hybrid Learning Model for intrusion detection system: A combination of parametric and non-parametric classifiersC. Rajathi0P. Rukmani1School of Computer Science and Engineering, Vellore Institute of Technology, Chennai 600127, IndiaCorrespondence to: School of Computer Science and Engineering, Vellore Institute of Technology, Chennai, India.; School of Computer Science and Engineering, Vellore Institute of Technology, Chennai 600127, IndiaThe growing digital transformation has increased the need for effective intrusion detection systems. Traditional intrusion detection systems face challenges in accurately classifying complex patterns. To address this issue, this study proposed a Hybrid Learning Model (HLM) that combines both parametric and non-parametric classifiers. The proposed HLM consist of two stages: the first stage employs a non-parametric Base Learner (np-BL) to analyze the data patterns and the second stage involves meta-modelling to generalize the overall performance of the model, named the Parametric Meta-Learning (PML) model. The proposed HLM blends the outcomes of np-BL and PML models using a stacking ensemble. As a base learning model K-Nearest Neighbors (KNN), Decision Tree (DT), Random Forest (RF), Gradient Boosting Machine (GBM), and Support Vector Classification with Radial Basis Function (SVC-RBF), are adopted from a non-parametric classifier group. The parametric classifiers Logistic Regression (LR), Naïve Bayes Classifier (NBC), Linear Discriminant Analysis (LDA), Quadratic Discriminant Analysis (QDA) and Support Vector Machine with linear kernel (Linear SVM) were used as meta-models. The HLM, as proposed, enhances the adaptability and robustness of the model by combining non-parametric and parametric models. To evaluate the competence of the proposed HLM, a performance analysis was conducted using the NSL-KDD, UNSW-NB15, and CICIDS2017 datasets. The effectiveness was assessed using various metrics, including classification accuracy, precision, recall, F1-Score (F1), Receiver Operating Characteristic (ROC) curve, Detection Rate (DR), and False Alarm Rate (FAR). The proposed HLM achieves a better accuracy rate across different datasets when compared with the existing models. The achieved accuracies are 99.02 %, 99.98 % and 99.63 % for the NSL-KDD, UNSW-NB15, and CICIDS2017 datasets respectively. Furthermore, the HLM gave a significant reduction in FAR, with values of 0.0126, 0.0001, and 0.0016 for the above-mentioned datasets.http://www.sciencedirect.com/science/article/pii/S1110016824012651Ensemble learningHybrid Learning ModelNon-parametric classifierParametric classifier |
| spellingShingle | C. Rajathi P. Rukmani Hybrid Learning Model for intrusion detection system: A combination of parametric and non-parametric classifiers Alexandria Engineering Journal Ensemble learning Hybrid Learning Model Non-parametric classifier Parametric classifier |
| title | Hybrid Learning Model for intrusion detection system: A combination of parametric and non-parametric classifiers |
| title_full | Hybrid Learning Model for intrusion detection system: A combination of parametric and non-parametric classifiers |
| title_fullStr | Hybrid Learning Model for intrusion detection system: A combination of parametric and non-parametric classifiers |
| title_full_unstemmed | Hybrid Learning Model for intrusion detection system: A combination of parametric and non-parametric classifiers |
| title_short | Hybrid Learning Model for intrusion detection system: A combination of parametric and non-parametric classifiers |
| title_sort | hybrid learning model for intrusion detection system a combination of parametric and non parametric classifiers |
| topic | Ensemble learning Hybrid Learning Model Non-parametric classifier Parametric classifier |
| url | http://www.sciencedirect.com/science/article/pii/S1110016824012651 |
| work_keys_str_mv | AT crajathi hybridlearningmodelforintrusiondetectionsystemacombinationofparametricandnonparametricclassifiers AT prukmani hybridlearningmodelforintrusiondetectionsystemacombinationofparametricandnonparametricclassifiers |