Towards a more efficient cyber threat detection
A new study published in The Journal of Engineering Research (TJER) at Sultan Qaboos University, Oman, presented an advanced intrusion detection system (IDS) designed to improve the accuracy and efficiency of identifying cyber attacks.

The proposed model combined a double feature selection technique with a stacked ensemble machine learning approach to enhance detection performance while reducing computational complexity.
The system applied a two-stage feature reduction process. The first step, called the Variance Threshold method, removed the low-variance features to avoid unnecessary information. The second step used the Select-K-Best technique to retain the most relevant attributes. As a result, datasets were reduced to as few as 13 or 19 key features, helping to lower processing time without compromising performance.
The classification framework was based on a stacking ensemble structure. At the first level, the system used K-Nearest Neighbours (KNN) and Gaussian Naive Bayes to make initial predictions. Then, a second model, Random Forest, acted as a ‘meta-classifier’ to combine and refine the earlier predictions. The Random Forest model was further optimised using Grid Search with cross-validation to ensure the best possible performance.
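The two-stage feature selection and the stacked classifier described above can be sketched with scikit-learn as follows. This is an added example, not the study's code: the flow data is constructed, and the value of k, the variance threshold, the fold counts and the grid values are assumptions, since the article does not give the paper's settings.

```python
import numpy as np
from sklearn.ensemble import RandomForestClassifier, StackingClassifier
from sklearn.feature_selection import SelectKBest, VarianceThreshold, f_classif
from sklearn.model_selection import GridSearchCV, train_test_split
from sklearn.naive_bayes import GaussianNB
from sklearn.neighbors import KNeighborsClassifier
from sklearn.pipeline import Pipeline

def make_flows(n=600, seed=0):
    """Constructed stand-in for flow records: 20 columns, label 1 = attack."""
    rng = np.random.default_rng(seed)
    y = rng.integers(0, 2, n)
    X = rng.normal(size=(n, 20))
    X[:, :5] += 2.0 * y[:, None]   # 5 informative columns shift for attack traffic
    X[:, 15:] = 0.0                # 5 constant columns carry no information
    return X, y

def build_ids(k=8):
    # Level 0: KNN and Gaussian NB; level 1: Random Forest as meta-classifier.
    stack = StackingClassifier(
        estimators=[("knn", KNeighborsClassifier()), ("gnb", GaussianNB())],
        final_estimator=RandomForestClassifier(random_state=0),
        cv=3)
    # Both selectors sit inside the pipeline, so each CV fold re-fits them
    # on its own training split and no test-fold statistics leak in.
    pipe = Pipeline([
        ("variance", VarianceThreshold(threshold=0.0)),  # stage 1 (assumed threshold)
        ("kbest", SelectKBest(f_classif, k=k)),          # stage 2 (assumed k)
        ("stack", stack),
    ])
    grid = {"stack__final_estimator__n_estimators": [25, 50],   # assumed grid
            "stack__final_estimator__max_depth": [3, None]}
    return GridSearchCV(pipe, grid, cv=3, scoring="accuracy")

def evaluate(seed=0):
    X, y = make_flows(seed=seed)
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.3, stratify=y, random_state=seed)
    best = build_ids().fit(X_tr, y_tr).best_estimator_
    pred = best.predict(X_te)
    benign = y_te == 0
    return {
        "after_variance": int(best.named_steps["variance"].get_support().sum()),
        "after_kbest": int(best.named_steps["kbest"].get_support().sum()),
        "accuracy": float((pred == y_te).mean()),
        "false_alarm_rate": float((pred[benign] == 1).mean()),  # benign flagged as attack
    }

if __name__ == "__main__":
    print(evaluate())
```

The false alarm rate is computed separately from accuracy because, on imbalanced traffic, a high accuracy figure can coexist with an alert volume that analysts cannot triage.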
To test the model, the researchers utilised the CIC-IDS2017 and CIC-DDoS2019 benchmark datasets, which include modern cyber-attack scenarios such as Distributed Denial-of-Service (DDoS), Denial-of-Service (DoS), brute-force, port scans, web attacks, and bot activity. Experimental results showed accuracy rates reaching up to 99.96 per cent, with false alarm rates as low as 0.007 per cent and detection times under 13 seconds.
Compared with several existing intrusion detection approaches, the proposed system demonstrated competitive performance while addressing common limitations such as redundant feature processing, extended training times, and challenges in handling imbalanced datasets.
Given the increasing complexity of cyber threats associated with IoT, cloud computing, and high-speed networks, the study highlighted the importance of efficient feature engineering combined with ensemble learning techniques. The authors suggested that the approach may support practical, real-time cybersecurity applications and recommended further validation in IoT environments and hybrid deep learning frameworks.
DOI: https://doi.org/10.53540/1726-6742.1319