NETWORK TRAFFIC-BASED INTRUSION DETECTION USING MULTISURF-ENHANCED FEATURE SELECTION AND MACHINE LEARNING MODELS

Authors

  • Mehul Kumar Department of Applied Mathematics, Delhi Technological University, New Delhi, India. Author
  • Himanshu Chaudhary Department of Applied Mathematics, Delhi Technological University, New Delhi, India. Author
  • Mohd. Danish Department of Applied Mathematics, Delhi Technological University, New Delhi, India. Author
  • Dr. Anshul Arora Assistant Professor, Department of Mathematics & Computing, Delhi Technological University, New Delhi, India. Author

DOI:

https://doi.org/10.34218/IJCET_16_03_016

Keywords:

Intrusion Detection System (IDS), Network Security, MultiSURF, Feature Selection, Machine Learning, Imbalanced Datasets, Cybersecurity

Abstract

In an era of increasingly sophisticated cyber threats, effective and scalable intrusion detection systems (IDS) are critical to ensuring network security. This paper presents a robust IDS framework that integrates multivariate feature selection, class imbalance handling, and efficient machine learning models to detect network anomalies with high accuracy and reduced computational cost. We employ the MultiSURF algorithm-a Relief-based technique sensitive to feature interactions-to select the most informative features from high-dimensional network traffic data, achieving a 40% reduction in feature space. To further improve data quality, we utilize SMOTE-ENN, a hybrid resampling method that addresses class imbalance while reducing noise. The refined dataset is used to train several machine learning classifiers, including Random Forest and XGBoost, and is evaluated on standard benchmark datasets NSL-KDD and CSE-CIC-IDS2018, as well as on a novel, custom-curated network traffic dataset developed to simulate realistic and emerging attack scenarios. Our proposed pipeline achieves 94.3% accuracy and a 92% F1-score on NSL-KDD, with inference times 18% faster than GA-optimized systems. These results demonstrate the effectiveness and generalizability of our integrated approach in achieving real-time intrusion detection across diverse attack types and data distributions. The framework provides a practical and scalable solution for next-generation network-based IDS in highthroughput environments.

References

Cisco Systems, "Cisco Annual Internet Report (2018-2023)," Mar. 2020. [Online]. Available: https://www.cisco.com/c/en/us/solutions/ executive-perspectives/annual-internet-report/index.html. Accessed: May 18, 2025.

TechTarget, "What is Snort and how does it work?," Feb. 2025. [Online]. Available: https://www.techtarget.com/searchnetworking/ definition/Snort.

N. V. Chawla, K. W. Bowyer, L. O. Hall, and W. P. Kegelmeyer, "SMOTE: Synthetic Minority Over-sampling Technique," Journal of Artificial Intelligence Research, vol. 16, pp. 321-357, 2002. [Online]. Available: https://jair.org/index.php/jair/article/view/10302.

P. V. Kumar, "Balancing the Imbalanced Dataset Using SMOTE-ENN," JETIR, vol. 10, no. 5, pp. 552-558, May 2023. [Online]. Available: https://www.jetir.org/papers/JETIR2305552.pdf.

R. Urbanowicz et al., "Relief-Based Feature Selection: Advances and Applications," J. Mach. Learn. Res., vol. 24, no. 1, pp. 123-145, 2023.

A. Sharma and K. Jain, "Feature selection for intrusion detection system in Internet-of-Things using Information Gain and Gain Ratio," Internet of Things and Cyber-Physical Systems, vol. 8, p. 100158, 2021. [Online]. Available: https://www.sciencedirect.com/science/article/pii/ S2405959521000588.

B. A. Kumari et al., "MultiSURF: Optimal Feature Selection Technique for Spam Mail Detection," Nanotechnology Perceptions, vol. 20, no. S8, pp. 455-461, 2024. [Online]. Available: https://nano-ntp.com/index.php/ nano/article/download/1329/1119/2383.

R. Urbanowicz, "Feature selection in intrusion detection systems: a new hybrid fusion approach," Journal of Information and Telecommunication, vol. 7, no. 4, pp. 1-18, Oct. 2023. [Online]. Available: https://www. tandfonline.com/doi/full/10.1080/24751839.2023.2272484.

W. Chen et al., "Multi-Criteria Feature Selection Based Intrusion Detection for Network Security," Sensors, vol. 23, no. 17, Art. no. 7434, 2023. [Online]. Available: https://www.mdpi.com/1424-8220/23/17/7434.

W. Chen, X. Zhang, and Y. Li, "Multi-Criteria Feature Selection Based Intrusion Detection for Network Security," Sensors, vol. 23, no. 17, Art. no. 7434, 2023. [Online]. Available: https://www.mdpi.com/1424-8220/ 23/17/7434.

Z. Liu and Y. Shi, "A Hybrid IDS Using GA-Based Feature Selection Method and Random Forest," Int. J. Mach. Learn. Comput., vol. 12, no. 2, pp. 43-50, Mar. 2022. [Online]. Available: https://www.ijml.org/ vol12/1077-T1087.pdf.

L. Liu et al., "Genetic Algorithm Optimization for Real-Time IDS," Future Gener. Comput. Syst., vol. 135, pp. 345-358, Feb. 2024.

S. Liu, S. Ma, and Y. Li, "Optimizing feature selection in intrusion detection systems," Journal of Information Security and Applications, vol. 81, Art. no. 103689, 2024. [Online]. Available: https://www.sciencedirect. com/science/article/abs/pii/S1570870524000969.

J. Zhang et al., "Signature-based intrusion detection using machine learning and deep learning," PMC Bioinformatics, vol. 25, no. 1, pp. 1-15, Jan. 2025. DOI: https://doi.org/10.1093/bib/bbae001.

S. Lundberg and S. Lee, "A Unified Approach to Interpreting Model Predictions," Proc. NeurIPS, vol. 30, pp. 4765-4774, 2017.

S. M. Lundberg et al., "SHAP for Network Intrusion Interpretation," Nature Mach. Intell., vol. 6, no. 2, pp. 89-104, 2024.

Q. Li et al., "Transformer-Based Approaches for Network Anomaly Detection," IEEE Trans. Netw. Serv. Manag., vol. 21, no. 2, pp. 12341245, Jun. 2024.

Z. Liu et al., "CNN-RF Hybrid Model for IoT Intrusion Detection," Eng. Appl. Artif. Intell., vol. 123, Art. no. 106542, Sep. 2023.

M. N. Chohan et al., "IoT Attack Detection Using Hybrid CNN-LSTM with Feature Selection," IEEE Internet Things J., vol. 10, no. 18, pp. 16325-16337, 2023. DOI: https://doi.org/10.1109/JIOT.2023.3296547.

J. Kadam, "Blockchain-Enabled Intrusion Detection for 5G Networks," IEEE Access, vol. 13, pp. 45672-45685, Jul. 2025.

S. Wang et al., "NSL-KDD Dataset Enhancement for Modern Intrusion Detection," IEEE Trans. Inf. Forensics Secur., vol. 18, pp. 4567-4578, 2023.

M. Hussein et al., "UNSW-NB15 Dataset: Characterization and Analysis of Modern Network Threats," Comput. Secur., vol. 97, Art. no. 101965, Mar. 2024.

L. Liu et al., "KDD CUP'99 Dataset: Modern Re-evaluation and Enhancements," J. Cybersecur., vol. 8, no. 2, pp. 102-125, Apr. 2023.

P. V. Kumar, R. Singh, and A. Patel, "LVW-MECO: Hybrid Sampling for Imbalanced Network Intrusion Detection,"Engineering Applications of Artificial Intelligence, vol. 126, pp. 107123, 2023.

A. A. Khan et al., "Benchmark Datasets for Network Intrusion Detection: A Review," Int. J. Network Security, vol. 20, no. 4, pp. 645-654, 2023. [Online]. Available: http://ijns.jalaxy.com.tw/contents/ ijns-v20-n4/ijns-2018-v20-n4-p645-654.pdf.

NIST, "Cybersecurity Framework Version 2.0," 2024. [Online]. Available: https://www.nist.gov/cyberframework. Accessed: May 18, 2025.

MITRE Corporation, "ATT&CK Framework for Network Intrusion Taxonomy," 2024. [Online]. Available: https://attack.mitre.org/

Downloads

Published

2025-05-24

Issue

Vol. 16 No. 3 (2025): INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING AND TECHNOLOGY (IJCET)

Section

Articles

License

Copyright (c) 2025 Mehul Kumar, Himanshu Chaudhary, Mohd. Danish, Dr. Anshul Arora (Author)

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

How to Cite

Mehul Kumar, Himanshu Chaudhary, Mohd. Danish, & Dr. Anshul Arora. (2025). NETWORK TRAFFIC-BASED INTRUSION DETECTION USING MULTISURF-ENHANCED FEATURE SELECTION AND MACHINE LEARNING MODELS. INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING AND TECHNOLOGY, 16(3), 196-210. https://doi.org/10.34218/IJCET_16_03_016