Intrusion Detection Systems (IDS) must constantly evolve to keep up with increasingly sophisticated cyber threats, yet they continue to face challenges such as class imbalance, model bias, and overfitting. This paper introduces i-2NIDS, a machine-learning-based framework that integrates Random Forest (RF) with Nested Cross-Validation (nCV) to improve detection stability and ensure reliable generalization. The framework was tested on two datasets with distinct characteristics: the long-established NSL-KDD benchmark and the more recent Kaggle 2023 network traffic dataset, both under binary and multiclass detection settings. Results show that i-2NIDS achieves consistently high accuracy and recall, including rare attack types such as R2L and U2R. Although the framework does not propose a new detection algorithm, its strength lies in the disciplined application of balanced training and rigorous validation practices. The findings highlight that methodological precision rather than algorithmic novelty can substantially enhance the robustness, reproducibility, and practical credibility of modern IDS research.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

i-2NIDS: A Robust Intrusion Detection Framework Based on Random Forest and Nested Cross-validation for Modern Network Traffic Analysis

  • Mourad Hana,
  • Oussama El Haouari,
  • Ibtissame Aouraghe,
  • Ghizlane Khaissidi,
  • Mostafa Mrabti

摘要

Intrusion Detection Systems (IDS) must constantly evolve to keep up with increasingly sophisticated cyber threats, yet they continue to face challenges such as class imbalance, model bias, and overfitting. This paper introduces i-2NIDS, a machine-learning-based framework that integrates Random Forest (RF) with Nested Cross-Validation (nCV) to improve detection stability and ensure reliable generalization. The framework was tested on two datasets with distinct characteristics: the long-established NSL-KDD benchmark and the more recent Kaggle 2023 network traffic dataset, both under binary and multiclass detection settings. Results show that i-2NIDS achieves consistently high accuracy and recall, including rare attack types such as R2L and U2R. Although the framework does not propose a new detection algorithm, its strength lies in the disciplined application of balanced training and rigorous validation practices. The findings highlight that methodological precision rather than algorithmic novelty can substantially enhance the robustness, reproducibility, and practical credibility of modern IDS research.