The security of modern communication networks cannot be sufficiently ensured without intrusion detection systems (IDS). The main objectives of these systems have been pattern recognition, signature analysis, and the detection of rule violations. Recent developments in machine learning (ML) and deep learning (DL) methodologies have shown potential as viable alternatives in the domain of network intrusion detection (NID). These methods can differentiate between typical and anomalous patterns. This study evaluates network intrusion detection systems (NIDS) using multiple ML algorithms, such as KNN, decision trees (DT), XGBOOST, and random forests (RF), with the NSL-KDD benchmark dataset. We analyze the precision, recall, accuracy, and F1 score of various ML techniques. The findings indicate that machine learning methods substantially enhance detection rates while minimizing false alarms compared to traditional approaches. This research demonstrates not only the feasibility of achieving a high detection rate of attacks but also the capability to make accurate predictions. These results clearly suggest that machine learning holds significant potential for the development of highly efficient NIDS systems.

This study can be extended in several meaningful ways to improve the effectiveness of the intrusion detection system. Future work can explore deep learning models such as CNNs, RNNs, or LSTMs, which may capture more complex attack patterns than traditional machine learning methods. Feature selection and dimensionality reduction techniques like PCA or mutual information can also be applied to optimize performance and reduce training time. Additionally, the current work is based on offline data, so developing a real- time IDS capable of analyzing live network traffic would make the system more practical for real-world deployment. As new cyberattacks continue to emerge, implementing adaptive or online learning models can help the IDS update itself automatically. The system can also be enhanced by deploying it on cloud or edge platforms for better scalability, and by integrating it with existing security tools such as firewalls. Finally, although SMOTE helped address class imbalance, more advanced resampling approaches could be explored to further improve the detection of rare attack types.

[1]Roy, D.B., Chaki, R.: State of the art analysis of network traffic anomaly detection. In: Applications and Innovations in Mobile Computing (AIMoC), IEEE, pp. 186–192 (2014) [2]Masdari, M., Khezri, H.: A survey and taxonomy of the fuzzy signature-based intrusion detection systems. Appl. Soft Comput. 92, 106301 (2020). [3]Masdari, M., Khezri, H.: Towards fuzzy anomaly detection- based security: a comprehensive review. Fuzzy Optim. Decis. Mak. 20(1), 1–49 (2021). [4]Alam, S., Shuaib, M., & Samad, A. (2019). A Collaborative Study of Intrusion Detection and Prevention Techniques in Cloud Computing. In Lecture Notes in Networks and Systems (Vol. 55, pp. 231–240). [5]Ravipati, R. D., & Abualkibash, M. (2019). Intrusion detection system classification using different machine learning algorithms on KDD-99 and NSL-KDD datasets-a review paper. International Journal of Computer Science & Information Technology (IJCSIT) Vol, 11. [6]Dhanabal, L., and S. P. Shantharajah. “A study on NSL-KDD dataset for intrusion detection system based on classification algorithms.” International journal of advanced research in computer and communication engineering 4.6 (2015): 446- 452. [7]Belavagi, Manjula C., and Balachandra Muniyal. “Performance evaluation of supervised machine learning algorithms for intrusion detection.” Procedia Computer Science 89 (2016): 117-123. [8]Eshak Magdy, Mina, et al. “A Comparative study of intrusion detection systems applied to NSL-KDD Dataset.” The Egyptian International Journal of Engineering Sciences and Technology 43.2 (2023): 88-98. [9]Revathi, Sathyanarayanan, and A. Malathi. “A detailed analysis on NSL-KDD dataset using various machine learning techniques for intrusion detection.” International Journal of Engineering Research & Technology (IJERT) 2.12 (2013): 1848-1853. [10]Kasongo, Sydney Mambwe. “A deep learning technique for intrusion detection system using a Recurrent Neural Networks based framework.” Computer Communications 199 (2023): 113-125. [11]IBM, “What is a decision tree?” IBM Think, https://www.ibm.com/think/topics/decision-trees accessed Jan 12 2026. [12]Breiman, Leo. “Random forests.” Machine learning 45.1 (2001): 5-32. [13]Suyal, Manish, and Parul Goyal. “A review on analysis of k- nearest neighbor classification machine learning algorithms based on supervised learning.” International Journal of Engineering Trends and Technology 70.7 (2022): 43-48. Chen, Tianqi. “XGBoost: A Scalable Tree Boosting System.” Cornell University (2016).

© 2025 International Journal of Engineering and Techniques (IJET).

Digital Object Identifier (DOI)

IJET assigns a unique DOI to every accepted article via Zenodo for persistent linking and citation. Your article’s DOI: https://doi.org/{{doi}}

Open DOI About Zenodo DOI

Close