TY - GEN
T1 - Performance Evaluation of Machine Learning Models for Intrusion Detection
T2 - 10th International Conference on Electronic Technology and Information Science, ICETIS 2025
AU - Wang, Zenghui
AU - Meng, Lin
AU - Sun, Yanxia
N1 - Publisher Copyright:
© 2025 IEEE.
PY - 2025
Y1 - 2025
N2 - Intrusion Detection Systems (IDS) are essential for safeguarding network infrastructures by identifying unauthorized access and malicious activities. This study investigates the efficacy of various machine learning algorithms, such as Support Vector Machine (SVM), Random Forest (RF), XGBoost, and Long Short-Term Memory (LSTM) networks, in detecting intrusions using the NSL-KDD dataset. We focus on the impact of feature selection on model performance, employing an iterative feature removal process based on feature importance rankings. Our findings indicate that ensemble methods like RF and XGBoost consistently achieve high accuracy and recall across different feature subsets. LSTM networks are initially less effective with smaller feature sets. However, they demonstrate significant improvements in F1-score and precision when the number of features increases. SVMs exhibit stable performance, particularly with well-engineered feature sets. These insights provide valuable guidelines for selecting appropriate algorithms and feature selection strategies in the development of robust IDS.
AB - Intrusion Detection Systems (IDS) are essential for safeguarding network infrastructures by identifying unauthorized access and malicious activities. This study investigates the efficacy of various machine learning algorithms, such as Support Vector Machine (SVM), Random Forest (RF), XGBoost, and Long Short-Term Memory (LSTM) networks, in detecting intrusions using the NSL-KDD dataset. We focus on the impact of feature selection on model performance, employing an iterative feature removal process based on feature importance rankings. Our findings indicate that ensemble methods like RF and XGBoost consistently achieve high accuracy and recall across different feature subsets. LSTM networks are initially less effective with smaller feature sets. However, they demonstrate significant improvements in F1-score and precision when the number of features increases. SVMs exhibit stable performance, particularly with well-engineered feature sets. These insights provide valuable guidelines for selecting appropriate algorithms and feature selection strategies in the development of robust IDS.
KW - Feature Selection
KW - Intrusion Detection
KW - Long Short-Term Memory (LSTM)
KW - NSL-KDD dataset
KW - Random Forest (RF)
KW - Support Vector Machine (SVM)
KW - XGBoost
UR - https://www.scopus.com/pages/publications/105017113612
U2 - 10.1109/ICETIS66286.2025.11144311
DO - 10.1109/ICETIS66286.2025.11144311
M3 - Conference contribution
AN - SCOPUS:105017113612
T3 - 2025 10th International Conference on Electronic Technology and Information Science, ICETIS 2025
SP - 442
EP - 446
BT - 2025 10th International Conference on Electronic Technology and Information Science, ICETIS 2025
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 27 June 2025 through 29 June 2025
ER -