ARCHIVES
Original Article
A Hybrid Machine Learning Approach for Network Intrusion Detection with Real-Time Visualization
Manjula G1
Samhith G2
Kartik Lutimath3
Monisha Raj H N4
Preethi K R5
1Professor & HOD, Department of Computer Science and Design, Dayananda Sagar Institutions, Bengaluru, Karnataka, India. 2345Undergraduate Students, Department of Computer Science and Design, Dayananda Sagar Institutions, Bengaluru, Karnataka, India.
Published Online: May-August 2025
Pages: 91-100
Cite this article
↗ https://www.doi.org/10.59256/indjcst.20250402009
References
[1] Sangkatsanee P, Wattanapongsakorn N, Charnsripinyo C. Practical real-time intrusion detection using machine learning approaches.
Computer Communications. 2011 Dec 1;34(18):2227-35. https://doi.org/10.1016/j.comcom.2011.07.001
[2] Shone N, Ngoc TN, Phai VD, Shi Q. A deep learning approach to network intrusion detection. IEEE transactions on emerging topics in
computational intelligence. 2018 Jan 22;2(1):41-50. https://doi.org/10.1109/TETCI.2017.2772792[3] Vinayakumar R, Soman KP, Velan KS, Ganorkar S. Evaluating shallow and deep networks for ransomware detection and classification.
In2017 international conference on advances in computing, communications and informatics (ICACCI) 2017 Sep 13 (pp. 259-265). IEEE.
https://doi.org/10.1109/ICACCI.2017.8125850
[4] A. A. Yilmaz, "Intrusion Detection in Computer Networks using Optimized Machine Learning Algorithms," 2022 3rd International
Informatics and Software Engineering Conference (IISEC), Ankara, Turkey, 2022, pp. 1–6.
https://doi.org/10.1109/IISEC56263.2022.9998258
[5] H. Shiravi, A. Shiravi, and A. A. Ghorbani, "A survey of visualization systems for network security," IEEE Transactions on Visualization
and Computer Graphics, vol. 18, no. 11, pp. 2047-2068, Nov. 2012.
[6] Aljawarneh S, Aldwairi M, Yassein MB. Anomaly-based intrusion detection system through feature selection analysis and building hybrid
efficient model. Journal of Computational Science. 2018 Mar 1;25:152-60. https://doi.org/10.1016/j.jocs.2017.03.006
[7] Buczak AL, Guven E. A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications
surveys & tutorials. 2015 Oct 26;18(2):1153-76. https://doi.org/10.1109/COMST.2015.2494502
[8] Hu W, Hu W, Maybank S. Adaboost-based algorithm for network intrusion detection. IEEE Transactions on Systems, Man, and
Cybernetics, Part B (Cybernetics). 2008 Mar 7;38(2):577-83. https://doi.org/10.1109/TSMCB.2007.914695
[9] E. E. Abdallah, W. Eleisah, and A. F. Otoom, "Intrusion Detection Systems using Supervised Machine Learning Techniques: A Survey,"
Procedia Computer Science, vol. 201, pp. 205–212, 2022. https://doi.org/10.1016/j.procs.2022.03.029
[10] Tavallaee M, Bagheri E, Lu W, Ghorbani AA. A detailed analysis of the KDD CUP 99 data set. In2009 IEEE symposium on computational
intelligence for security and defense applications 2009 Jul 8 (pp. 1-6). IEEE. https://doi.org/10.1109/CISDA.2009.5356528
[11] A. Kiran, B. A. Kumar, T. Sameeratmaja, S. W. Prakash, Likhitha, and U. S. S. R. Charan, "Intrusion Detection System Using Machine
Learning," 2023 International Conference on Computer Communication and Informatics (ICCCI), Hyderabad, India, 2023, pp. 1–6.
https://doi.org/10.1109/ICCCI56745.2023.10128363
[12] F. Guo, H. Jiao, X. Zhang, Y. Zhou, and H. Feng, "Information Security Network Intrusion Detection System Based on Machine Learning,"
2024 International Conference on Data Science and Network Security (ICDSNS), Wuhan, China, 2024, pp. 1–6.
https://doi.org/10.1109/ICDSNS62112.2024.10691041
[13] A. A. Aburomman and M. B. I. Reaz, "A survey of intrusion detection systems based on ensemble and hybrid classifiers," Comput. Secur.,
vol. 65, pp. 135–152, Mar. 2017, doi: 10.1016/j.cose.2016.11.004.
[14] I. Ahmad, M. Basheri, M. J. Iqbal, and A. Rahim, "Performance comparison of support vector machine, random forest, and extreme
learning machine for intrusion detection," IEEE Access, vol. 6, pp. 33789–33795, 2018, doi: 10.1109/ACCESS.2018.2841987.
[15] M. Ahmed, A. N. Mahmood, and J. Hu, "A survey of network anomaly detection techniques," J. Netw. Comput. Appl., vol. 60, pp. 19–31,
Jan. 2016, doi: 10.1016/j.jnca.2015.11.016.
[16] A. Ahmim, M. Derdour, and M. A. Ferrag, "An intrusion detection system based on combining probability predictions of a tree of
classifiers," Int. J. Commun. Syst., vol. 32, no. 12, p. e3981, Aug. 2019, doi: 10.1002/dac.3981.
[17] M. Almseidin, M. Alzubi, S. Kovacs, and M. Alkasassbeh, "Evaluation of machine learning algorithms for intrusion detection system," in
Proc. 2017 IEEE 15th Int. Symp. Intell. Syst. Inform. (SISY), Subotica, Serbia, Sep. 2017, pp. 000277–000282, doi:
10.1109/SISY.2017.8080570. (arXiv: 10.48550/arXiv.1801.02330)
[18] M. A. Ambusaidi, X. He, P. Nanda, and Z. Tan, "Building an intrusion detection system using a filter-based feature selection algorithm,"
IEEE Trans. Comput., vol. 65, no. 10, pp. 2986–2998, Oct. 2016, doi: 10.1109/TC.2016.2519914.
[19] J. P. Anderson, "Computer security threat monitoring and surveillance," James P. Anderson Company, Fort Washington, PA, Tech. Rep.,
1980. (DOI not typically assigned)
[20] M. Angelini, G. Blasilli, T. Catarci, S. Lenti, and G. Santucci, "Vulnus: Visual vulnerability analysis for network security," IEEE Trans.
Visual. Comput. Graph., vol. 25, no. 1, pp. 183–192, Jan. 2019, doi: 10.1109/TVCG.2018.2865041.
[21] F. Böhm, F. Menges, and G. Pernul, "Graph-based visual analytics for cyber threat intelligence," Cybersecurity, vol. 1, no. 1, p. 16, Dec.
2018, doi: 10.1186/s42400-018-0017-4.
[22] V. Chandola, A. Banerjee, and V. Kumar, "Anomaly detection: A survey," ACM Comput. Surv., vol. 41, no. 3, Art. no. 15, pp. 1–58, Jul.
2009, doi: 10.1145/1541880.1541882.
[23] D. E. Denning, "An intrusion-detection model," IEEE Trans. Softw. Eng., vol. SE-13, no. 2, pp. 222–232, Feb. 1987, doi:
10.1109/TSE.1987.232894.
[24] Ö. Depren, M. Topallar, E. Anarim, and M. K. Ciliz, "An intelligent intrusion detection system (IDS) for anomaly and misuse detection in
computer networks," Expert Syst. Appl., vol. 29, no. 4, pp. 713–722, Nov. 2005, doi: 10.1016/j.eswa.2005.05.002.
[25] L. Dhanabal and S. P. Shantharajah, "A study on CICIDS dataset for intrusion detection system based on classification algorithms," Int.
J. Adv. Res. Comput. Commun. Eng., vol. 4, no. 6, pp. 446–452, Jun. 2015.
[26] Z. Ding and M. Fei, "An anomaly detection approach based on isolation forest algorithm for streaming data using sliding window," IFAC
Proc. Vol., vol. 46, no. 20, pp. 12–17, 2013, doi: 10.3182/20130902-3-CN-3020.00044.
[27] [27] R. F. Erbacher, "Intrusion behavior detection through visualization," in Proc. IEEE Syst., Man Cybern. Soc. Inf. Assur. Workshop,
West Point, NY, USA, Jun. 2003, pp. 61–68, doi: 10.1109/SMCSIA.2003.1232412.
[28] N. Farnaaz and M. A. Jabbar, "Random forest modeling for network intrusion detection system," Procedia Comput. Sci., vol. 89, pp. 213–
217, 2016, doi: 10.1016/j.procs.2016.06.047.
[29] S. Foresti, J. Agutter, Y. Livnat, S. Moon, and R. Erbacher, "Visual correlation of network alerts," IEEE Comput. Graph. Appl., vol. 26,
no. 2, pp. 48–59, Mar./Apr. 2006, doi: 10.1109/MCG.2006.49.
[30] P. Garcia-Teodoro, J. Diaz-Verdejo, G. Maciá-Fernández, and E. Vázquez, "Anomaly-based network intrusion detection: Techniques,
systems and challenges," Comput. Secur., vol. 28, no. 1–2, pp. 18–28, Feb./Mar. 2009, doi: 10.1016/j.cose.2008.08.003.
[31] M. R. Gauthama Raman, K. Kirthivasan, and V. S. S. Sriram, "Development of rough set-hypergraph technique for key feature
identification in intrusion detection systems," Comput. Electr. Eng., vol. 59, pp. 189–200, Apr. 2017, doi:
10.1016/j.compeleceng.2017.01.019.
[32] J. R. Goodall, W. G. Lutters, P. Rheingans, and A. Komlodi, "Preserving the big picture: Visual network traffic analysis with TNV," in
Proc. IEEE Workshop Visual. Comput. Secur., Konstanz, Germany, Oct. 2004, pp. 47–54, doi: 10.1109/VISSEC.2004.10.
[33] J. Gu, L. Wang, H. Wang, and S. Wang, "A novel approach to intrusion detection using SVM ensemble with feature augmentation,"
Comput. Secur., vol. 86, pp. 53–62, Oct. 2019, doi: 10.1016/j.cose.2019.05.021.
[34] B. Ingre and A. Yadav, "Performance analysis of CICIDS dataset using ANN," in Proc. 2015 Int. Conf. Signal Process. Commun. Eng.
Syst. (SPACES), Guntur, India, Jan. 2015, pp. 92–96, doi: 10.1109/SPACES.2015.7058223.A Hybrid Machine Learning Approach for Network Intrusion Detection with Real-Time Visualization
Published By: Fifth Dimension Research Publication https://fdrpjournals.org/ 100 | P a g e
[35] I. A. Khan, D. Pi, Z. U. Khan, Y. Hussain, and A. Nawaz, "HML-IDS: A hybrid-multilevel anomaly prediction approach for intrusion
detection in SCADA systems," IEEE Access, vol. 7, pp. 89507–89521, 2019, doi: 10.1109/ACCESS.2019.2926688.
[36] D. Kwon, H. Kim, J. Kim, S. C. Suh, I. Kim, and K. J. Kim, "A survey of deep learning-based network anomaly detection," Clust. Comput.,
vol. 22, no. 1, pp. 949–961, Mar. 2019, doi: 10.1007/s10586-017-1179-7.
[37] F. T. Liu, K. M. Ting, and Z.-H. Zhou, "Isolation forest," in Proc. 2008 Eighth IEEE Int. Conf. Data Mining (ICDM), Pisa, Italy, Dec.
2008, pp. 413–422, doi: 10.1109/ICDM.2008.17.
[38] Y. Mirsky, T. Doitshman, Y. Elovici, and A. Shabtai, "Kitsune: An ensemble of autoencoders for online network intrusion detection," in
Proc. Netw. Distrib. Syst. Secur. Symp. (NDSS), San Diego, CA, USA, Feb. 2018, doi: 10.14722/ndss.2018.23204.
[39] E. K. Viegas, A. O. Santin, and L. S. Oliveira, "Toward a reliable anomaly-based intrusion detection in real-world environments,"
Comput. Netw., vol. 127, pp. 202–216, Oct. 2017, doi: 10.1016/j.comnet.2017.08.009.
Computer Communications. 2011 Dec 1;34(18):2227-35. https://doi.org/10.1016/j.comcom.2011.07.001
[2] Shone N, Ngoc TN, Phai VD, Shi Q. A deep learning approach to network intrusion detection. IEEE transactions on emerging topics in
computational intelligence. 2018 Jan 22;2(1):41-50. https://doi.org/10.1109/TETCI.2017.2772792[3] Vinayakumar R, Soman KP, Velan KS, Ganorkar S. Evaluating shallow and deep networks for ransomware detection and classification.
In2017 international conference on advances in computing, communications and informatics (ICACCI) 2017 Sep 13 (pp. 259-265). IEEE.
https://doi.org/10.1109/ICACCI.2017.8125850
[4] A. A. Yilmaz, "Intrusion Detection in Computer Networks using Optimized Machine Learning Algorithms," 2022 3rd International
Informatics and Software Engineering Conference (IISEC), Ankara, Turkey, 2022, pp. 1–6.
https://doi.org/10.1109/IISEC56263.2022.9998258
[5] H. Shiravi, A. Shiravi, and A. A. Ghorbani, "A survey of visualization systems for network security," IEEE Transactions on Visualization
and Computer Graphics, vol. 18, no. 11, pp. 2047-2068, Nov. 2012.
[6] Aljawarneh S, Aldwairi M, Yassein MB. Anomaly-based intrusion detection system through feature selection analysis and building hybrid
efficient model. Journal of Computational Science. 2018 Mar 1;25:152-60. https://doi.org/10.1016/j.jocs.2017.03.006
[7] Buczak AL, Guven E. A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications
surveys & tutorials. 2015 Oct 26;18(2):1153-76. https://doi.org/10.1109/COMST.2015.2494502
[8] Hu W, Hu W, Maybank S. Adaboost-based algorithm for network intrusion detection. IEEE Transactions on Systems, Man, and
Cybernetics, Part B (Cybernetics). 2008 Mar 7;38(2):577-83. https://doi.org/10.1109/TSMCB.2007.914695
[9] E. E. Abdallah, W. Eleisah, and A. F. Otoom, "Intrusion Detection Systems using Supervised Machine Learning Techniques: A Survey,"
Procedia Computer Science, vol. 201, pp. 205–212, 2022. https://doi.org/10.1016/j.procs.2022.03.029
[10] Tavallaee M, Bagheri E, Lu W, Ghorbani AA. A detailed analysis of the KDD CUP 99 data set. In2009 IEEE symposium on computational
intelligence for security and defense applications 2009 Jul 8 (pp. 1-6). IEEE. https://doi.org/10.1109/CISDA.2009.5356528
[11] A. Kiran, B. A. Kumar, T. Sameeratmaja, S. W. Prakash, Likhitha, and U. S. S. R. Charan, "Intrusion Detection System Using Machine
Learning," 2023 International Conference on Computer Communication and Informatics (ICCCI), Hyderabad, India, 2023, pp. 1–6.
https://doi.org/10.1109/ICCCI56745.2023.10128363
[12] F. Guo, H. Jiao, X. Zhang, Y. Zhou, and H. Feng, "Information Security Network Intrusion Detection System Based on Machine Learning,"
2024 International Conference on Data Science and Network Security (ICDSNS), Wuhan, China, 2024, pp. 1–6.
https://doi.org/10.1109/ICDSNS62112.2024.10691041
[13] A. A. Aburomman and M. B. I. Reaz, "A survey of intrusion detection systems based on ensemble and hybrid classifiers," Comput. Secur.,
vol. 65, pp. 135–152, Mar. 2017, doi: 10.1016/j.cose.2016.11.004.
[14] I. Ahmad, M. Basheri, M. J. Iqbal, and A. Rahim, "Performance comparison of support vector machine, random forest, and extreme
learning machine for intrusion detection," IEEE Access, vol. 6, pp. 33789–33795, 2018, doi: 10.1109/ACCESS.2018.2841987.
[15] M. Ahmed, A. N. Mahmood, and J. Hu, "A survey of network anomaly detection techniques," J. Netw. Comput. Appl., vol. 60, pp. 19–31,
Jan. 2016, doi: 10.1016/j.jnca.2015.11.016.
[16] A. Ahmim, M. Derdour, and M. A. Ferrag, "An intrusion detection system based on combining probability predictions of a tree of
classifiers," Int. J. Commun. Syst., vol. 32, no. 12, p. e3981, Aug. 2019, doi: 10.1002/dac.3981.
[17] M. Almseidin, M. Alzubi, S. Kovacs, and M. Alkasassbeh, "Evaluation of machine learning algorithms for intrusion detection system," in
Proc. 2017 IEEE 15th Int. Symp. Intell. Syst. Inform. (SISY), Subotica, Serbia, Sep. 2017, pp. 000277–000282, doi:
10.1109/SISY.2017.8080570. (arXiv: 10.48550/arXiv.1801.02330)
[18] M. A. Ambusaidi, X. He, P. Nanda, and Z. Tan, "Building an intrusion detection system using a filter-based feature selection algorithm,"
IEEE Trans. Comput., vol. 65, no. 10, pp. 2986–2998, Oct. 2016, doi: 10.1109/TC.2016.2519914.
[19] J. P. Anderson, "Computer security threat monitoring and surveillance," James P. Anderson Company, Fort Washington, PA, Tech. Rep.,
1980. (DOI not typically assigned)
[20] M. Angelini, G. Blasilli, T. Catarci, S. Lenti, and G. Santucci, "Vulnus: Visual vulnerability analysis for network security," IEEE Trans.
Visual. Comput. Graph., vol. 25, no. 1, pp. 183–192, Jan. 2019, doi: 10.1109/TVCG.2018.2865041.
[21] F. Böhm, F. Menges, and G. Pernul, "Graph-based visual analytics for cyber threat intelligence," Cybersecurity, vol. 1, no. 1, p. 16, Dec.
2018, doi: 10.1186/s42400-018-0017-4.
[22] V. Chandola, A. Banerjee, and V. Kumar, "Anomaly detection: A survey," ACM Comput. Surv., vol. 41, no. 3, Art. no. 15, pp. 1–58, Jul.
2009, doi: 10.1145/1541880.1541882.
[23] D. E. Denning, "An intrusion-detection model," IEEE Trans. Softw. Eng., vol. SE-13, no. 2, pp. 222–232, Feb. 1987, doi:
10.1109/TSE.1987.232894.
[24] Ö. Depren, M. Topallar, E. Anarim, and M. K. Ciliz, "An intelligent intrusion detection system (IDS) for anomaly and misuse detection in
computer networks," Expert Syst. Appl., vol. 29, no. 4, pp. 713–722, Nov. 2005, doi: 10.1016/j.eswa.2005.05.002.
[25] L. Dhanabal and S. P. Shantharajah, "A study on CICIDS dataset for intrusion detection system based on classification algorithms," Int.
J. Adv. Res. Comput. Commun. Eng., vol. 4, no. 6, pp. 446–452, Jun. 2015.
[26] Z. Ding and M. Fei, "An anomaly detection approach based on isolation forest algorithm for streaming data using sliding window," IFAC
Proc. Vol., vol. 46, no. 20, pp. 12–17, 2013, doi: 10.3182/20130902-3-CN-3020.00044.
[27] [27] R. F. Erbacher, "Intrusion behavior detection through visualization," in Proc. IEEE Syst., Man Cybern. Soc. Inf. Assur. Workshop,
West Point, NY, USA, Jun. 2003, pp. 61–68, doi: 10.1109/SMCSIA.2003.1232412.
[28] N. Farnaaz and M. A. Jabbar, "Random forest modeling for network intrusion detection system," Procedia Comput. Sci., vol. 89, pp. 213–
217, 2016, doi: 10.1016/j.procs.2016.06.047.
[29] S. Foresti, J. Agutter, Y. Livnat, S. Moon, and R. Erbacher, "Visual correlation of network alerts," IEEE Comput. Graph. Appl., vol. 26,
no. 2, pp. 48–59, Mar./Apr. 2006, doi: 10.1109/MCG.2006.49.
[30] P. Garcia-Teodoro, J. Diaz-Verdejo, G. Maciá-Fernández, and E. Vázquez, "Anomaly-based network intrusion detection: Techniques,
systems and challenges," Comput. Secur., vol. 28, no. 1–2, pp. 18–28, Feb./Mar. 2009, doi: 10.1016/j.cose.2008.08.003.
[31] M. R. Gauthama Raman, K. Kirthivasan, and V. S. S. Sriram, "Development of rough set-hypergraph technique for key feature
identification in intrusion detection systems," Comput. Electr. Eng., vol. 59, pp. 189–200, Apr. 2017, doi:
10.1016/j.compeleceng.2017.01.019.
[32] J. R. Goodall, W. G. Lutters, P. Rheingans, and A. Komlodi, "Preserving the big picture: Visual network traffic analysis with TNV," in
Proc. IEEE Workshop Visual. Comput. Secur., Konstanz, Germany, Oct. 2004, pp. 47–54, doi: 10.1109/VISSEC.2004.10.
[33] J. Gu, L. Wang, H. Wang, and S. Wang, "A novel approach to intrusion detection using SVM ensemble with feature augmentation,"
Comput. Secur., vol. 86, pp. 53–62, Oct. 2019, doi: 10.1016/j.cose.2019.05.021.
[34] B. Ingre and A. Yadav, "Performance analysis of CICIDS dataset using ANN," in Proc. 2015 Int. Conf. Signal Process. Commun. Eng.
Syst. (SPACES), Guntur, India, Jan. 2015, pp. 92–96, doi: 10.1109/SPACES.2015.7058223.A Hybrid Machine Learning Approach for Network Intrusion Detection with Real-Time Visualization
Published By: Fifth Dimension Research Publication https://fdrpjournals.org/ 100 | P a g e
[35] I. A. Khan, D. Pi, Z. U. Khan, Y. Hussain, and A. Nawaz, "HML-IDS: A hybrid-multilevel anomaly prediction approach for intrusion
detection in SCADA systems," IEEE Access, vol. 7, pp. 89507–89521, 2019, doi: 10.1109/ACCESS.2019.2926688.
[36] D. Kwon, H. Kim, J. Kim, S. C. Suh, I. Kim, and K. J. Kim, "A survey of deep learning-based network anomaly detection," Clust. Comput.,
vol. 22, no. 1, pp. 949–961, Mar. 2019, doi: 10.1007/s10586-017-1179-7.
[37] F. T. Liu, K. M. Ting, and Z.-H. Zhou, "Isolation forest," in Proc. 2008 Eighth IEEE Int. Conf. Data Mining (ICDM), Pisa, Italy, Dec.
2008, pp. 413–422, doi: 10.1109/ICDM.2008.17.
[38] Y. Mirsky, T. Doitshman, Y. Elovici, and A. Shabtai, "Kitsune: An ensemble of autoencoders for online network intrusion detection," in
Proc. Netw. Distrib. Syst. Secur. Symp. (NDSS), San Diego, CA, USA, Feb. 2018, doi: 10.14722/ndss.2018.23204.
[39] E. K. Viegas, A. O. Santin, and L. S. Oliveira, "Toward a reliable anomaly-based intrusion detection in real-world environments,"
Comput. Netw., vol. 127, pp. 202–216, Oct. 2017, doi: 10.1016/j.comnet.2017.08.009.
Related Articles
2025
Transforming Cyber-Physical Systems: Machine Learning for Secure and Efficient Solutions
2025
Exploring AI Techniques for Quantum Threat Detection and Prevention
2025
Maturity Models for Business Intelligence: An Overview
2025
INSPIRO: An AI Driven Institution Auditor
2025
Adaptive AI Framework for Anomaly Detection and DDoS Mitigation in Distributed Systems
2025
