MACHINE LEARNING-BASED NETWORK INTRUSION DETECTION SYSTEM USING THE CSE-CIC-IDS2018 DATASET

Abstract: Network Intrusion Detection Systems (NIDS) are vital defences against evolving and sophisticated cyber threats. Traditional security approaches frequently fail to detect novel, low-volume polymorphic attacks, necessitating the integration of adaptive machine learning (ML) models. This paper presents a high-performance, computationally efficient ML-based NIDS utilizing the contemporary CSE-CIC-IDS2018 dataset. This corpus is preferred over older, synthetic benchmarks (e.g., NSL-KDD) because it provides high-fidelity, B-profile generated benign traffic, ensuring model training accurately reflects real-world network operations. The proposed system employs a Random Forest (RF) classifier, selected for its superior balance of classification accuracy, computational efficiency, and intrinsic feature importance measurement compared to resource-intensive Deep Learning (DL) alternatives.1 The comprehensive methodology includes data cleaning, feature standardization via StandardScaler, and the application of synthetic oversampling techniques (SMOTE) to mitigate the severe class imbalance inherent in network traffic data.3 Experimental results demonstrate that the RF model, optimized via wrapper-based feature selection, achieves a high overall accuracy of 99.9% and robust macro-averaged F1-scores exceeding 96% across seven major attack classes, validating its resilience and practical deploy ability in resource-constrained, large-scale network environments.

Keywords: Network Intrusion Detection, Machine Learning, Random Forest, CSE-CIC-IDS2018, Feature Selection, Class Imbalance, Cybersecurity.