Enhancing Cybersecurity with ML: A Multi-Algorithm Approach to Anomaly-Based Intrusion Detection


  • Indira P. Joshi, Vijaya K. Shandilya


IDS (Intrusion Detection System), Anomaly Detection, False Alarm Rate (FAR) and Machine Learning algorithms.


In the era of escalating cyber threats, the significance of robust intrusion detection systems (IDS) cannot be overstated. Traditional methods often struggle to keep pace with the evolving tactics of malicious actors. This paper presents a novel approach to enhancing cybersecurity through the integration of machine learning (ML) techniques within anomaly-based intrusion detection systems. Specifically, we propose a multi-algorithm framework that leverages the complementary strengths of various ML models to effectively identify diverse cyber threats. Our approach aims to address the limitations of single-algorithm systems by combining the capabilities of multiple classifiers. We demonstrate the efficacy of our methodology through extensive experimentation on  real-world network traffic scenarios. Results indicate that our multi-algorithm approach outperforms traditional single-algorithm solutions in terms of detection accuracy, false positive rates, and scalability. Furthermore, we discuss the practical implications of our framework in bolstering cybersecurity defenses across diverse organizational contexts. Overall, this research contributes to the advancement of anomaly-based intrusion detection systems by offering a robust and adaptable ML-driven solution capable of effectively combating emerging cyber threats.


Download data is not yet available.


MananJ, Ahmed A, Ullah I, Merghem-Boulahia L, Gaiti D (2019) Distributed intrusion detection scheme for next generation networks. J Netw Comput Appl 147.

Nadiammai G, Hemalatha M (2014) Effective approach toward Intrusion detection system using data mining techniques. Egypt Inform J 15:37–50.

Almseidin M, Alzudi M, Kovacs S, Alkasassbeh M (2017) Evaluation of machine learning algorithms for intrusion detection. In: 15th International symposium on intelligent systems and informatics, Subotica, Serbia, pp 14–16.

Vinayakumar R, Alazab M, Soman K, Poornachandran P, Al-Nemrat A, Venkatraman S (2019) Deep learning approach for intelligent intrusion detection system. IEEE Access 7:14525–41550.

Butun I, Morgera S, Sankar R (2014) A survey of intrusion detection systems in wireless sensor networks. IEEE Commun Surv Tutorials 16(1):266–282.

Alazab A, Hobbs M, Abawajy J, Khraisat A, Alazab M (2014) Using response action with intelligent intrusion detection and prevention system against web application malware. Inf Manage Comput Secur, 22(5):431–449.

Aburomman, Reaz M,”A survey of intrusion detection systems based on ensemble and hybrid classifiers. Comput Secur 65:135–152.

Buczak, Guven E (2016) A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun Surv Tutorials 18(2):1153–1176.

Qassim Q, Zin A, Aziz M (2016) Anomalies classification approach for network-based intrusion detection system. Int J Netw Secur 18(6):1159–1172.

Vimala S, Khanaa V, Nalini C (2019) A study on supervised machine learning algorithm to improvise intrusion detection systems for mobile ad hoc networks. Clust Comput 22:4065–4074

Ahmed M, Mahmood AN, Hu J (2016) A survey of network anomaly detection techniques. J Netw Comput Appl 60:19–31.

Feng W, Zhang Q, Hu G, Huang JX (2014) Mining network data for intrusion detection through combining svms with ant colony networks. Futur Gener Comput Syst 37:127–140.

Li L, Yu Y, Bai S, Hou Y, Chen X (2017) An effective two-step intrusion detection approach based on binary classification and k-NN. IEEE Access 6:12060–12073.

Liu J, He J, Zhang W, Ma T, Tang Z, Niyoyita JP, Gui W (2019) ANID-SEoKELM: adaptive network intrusion detection based on selective ensemble of kernel ELMs with random features. Knowl Based Syst 177:104–116.

Khonde SR, Ulagamuthalvi V (2022) Blockchain: secured solution for signature transfer in distributed intrusion detection system. Comput Syst Sci Eng 40(1):37–51.

Khonde SR, Ulagamuthalvi V (2022) Hybrid intrusion detection system using blockchain framework. Eurasip J Wirel Commun Netw 58.

Ferrag MA, Maglaras L, Moschoyiannis S, Janicke H (2020) Deep learning for cyber security intrusion detection: approaches, datasets, and comparative study. J Inf Secur Appl 50:102–419.

Garg S, Kaur K, Batra S, Aujla GS, Morgan G, Kumar N, Zomaya AY, Ranjan R En-abc: an ensemble artificial bee colony based anomaly detection scheme for cloud environment. J Parallel Distrib Comput 135:219–233.

Wu K, Chen Z, Li W (2018) A novel intrusion detection model for a massive network using convolutional neural networks. IEEE Access 6:50850–50859.

Xiao Y, Xing C, Zhang T, Zhao Z (2019) An intrusion detection model based on feature reduction and convolutional neural networks. IEEE Access 7:42210–42219.

R. Chitrakar and H. Chuanhe, ‘‘Anomaly detection using support vector machine classification with k-medoids clustering,’’ in Proc. 3rd Asian Himalayas Int. Conf. Internet, Nov. 2012, pp. 1–5.

I. P.-B. A. Syarif and G. Wills, ‘‘Unsupervised clustering approach for network anomaly detection,’’ in Proc. Int. Conf. Netw. Digit. Technol., Berlin, Germany, 2012, pp. 135–145.

K. Moh, M. Aung, and N. N. Oo, ‘‘Association rule pattern mining approaches network anomaly detection,’’ in Proc. Int. Conf. Future Comput. Technol., Singapore, 2015, pp. 164–170.

A. H. Hamamoto, L. F. Carvalho, L. D. H. Sampaio, T. Abrão, and M. L. Proença, ‘‘Network anomaly detection system using genetic algorithm and fuzzy logic,’’ Expert Syst. Appl., vol. 92, pp. 390–402, Feb. 2018.

N. T. Pham, E. Foo, S. Suriadi, H. Jeffrey, and H. F. M. Lahza, ‘‘Improving performance of intrusion detection system using ensemble methods and feature selection,’’ in Proc. Australas. Comput. Sci. Week Multiconference, Jan. 2018, pp. 1–6.

I. Sharafaldin, A. Gharib, A. H. Lashkari, and A. A. Ghorbani, ‘‘Towards a reliable intrusion detection benchmark dataset,’’ Softw. Netw., vol. 2017, no. 1, pp. 177–200, 2017.

A. M. Al Tobi and I. Duncan, ‘‘KDD 1999 generation faults: A review and analysis,’’ J. Cyber Secur. Technol., vol. 2, nos. 3–4, pp. 164–200, Oct. 2018.

N. Moustafa and J. Slay, ‘‘UNSW-NB15: A comprehensive data set for network intrusion detection systems,’’ in Proc. Mil. Commun. Inf. Syst., 2015, pp. 1–6.

I. Sharafaldin, A. Habibi Lashkari, and A. A. Ghorbani, ‘‘Toward generating a new intrusion detection dataset and intrusion traffic characterization,’’ in Proc. 4th Int. Conf. Inf. Syst. Secur. Privacy, 2018, pp. 108–116.

Hulk—Packet Storm. Accessed: Aug. 22, 2020. [Online]. Available: https://packetstormsecurity.com/files/112856/HULK-Http-UnbearableLoad-King.html

N. Moustafa and J. Slay, ‘‘The evaluation of network anomaly detection systems: Statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set,’’ Inf. Secur. J., Global Perspective, vol. 25, nos. 1–3, pp. 18–31, Apr. 2016.

Cyber Kill Chain—Lockheed Martin. Accessed: Aug. 27, 2020. [Online]. Available: https://www.lockheedmartin.com/en-us/capabilities/ cyber/cyber-kill-chain.html

A. Divekar, M. Parekh, V. Savla, R. Mishra, and M. Shirole, ‘‘Benchmarking datasets for anomaly-based network intrusion detection: KDD CUP 99 alternatives,’’ in Proc. IEEE 3rd Int. Conf. Comput., Commun. Secur. (ICCCS), Kathmandu, Nepal, Oct. 2018, pp. 1–8.

P. Gil. Cleaning Big Data—Forbes. Accessed: Aug. 26, 2020. [Online]. Available: https://www.forbes.com/sites/gilpress/2016/ 03/23/data-preparation-most-time-consuming-least-enjoyable-datascience-task-survey-says/#79e15eaa6f63

Documentation—Argus Accessed: Aug. 27, 2020. [Online]. Available: https://openargus.org/documentation,

Online Manual—Tcptrace. Accessed: Aug. 27, 2020. [Online]. Available: http://www.tcptrace.org/manual.html

M. Alkasassbeh, ‘‘An empirical evaluation for the intrusion detection features based on machine learning and feature selection methods,’’ J. Theor. Appl. Inf. Technol., vol. 95, no. 22, pp. 5962–5976, 2017.

M. A. Ambusaidi, X. He, P. Nanda, and Z. Tan, ‘‘Building an intrusion detection system using a filter-based feature selection algorithm,’’ IEEE Trans. Comput., vol. 65, no. 10, pp. 2986–2998, Oct. 2016.

CybersecurityUpdate—WebProNews. Accessed: Aug. 21, 2020. [Online]. Available: https://www.webpronews. com/cisco-cybersecurity-threats/

Z. M. Smith, E. Lostri, and J. A. Lewis, ‘‘The hidden costs of cybercrime,’’ in Proc. McAfee, 2020, p. 3.




How to Cite

Vijaya K. Shandilya, I. P. J. . (2024). Enhancing Cybersecurity with ML: A Multi-Algorithm Approach to Anomaly-Based Intrusion Detection . International Journal of Intelligent Systems and Applications in Engineering, 12(21s), 1111–1116. Retrieved from https://ijisae.org/index.php/IJISAE/article/view/5512



Research Article