NETWORK TRAFFIC-BASED INTRUSION DETECTION USING MULTISURF-ENHANCED FEATURE SELECTION AND MACHINE LEARNING MODELS

Abstract

In an era of increasingly sophisticated cyber threats, effective and scalable intrusion detection systems (IDS) are critical to ensuring network security. This paper presents a robust IDS framework that integrates multivariate feature selection, class imbalance handling, and efficient machine learning models to detect network anomalies with high accuracy and reduced computational cost. We employ the MultiSURF algorithm-a Relief-based technique sensitive to feature interactions-to select the most informative features from high-dimensional network traffic data, achieving a 40% reduction in feature space. To further improve data quality, we utilize SMOTE-ENN, a hybrid resampling method that addresses class imbalance while reducing noise. The refined dataset is used to train several machine learning classifiers, including Random Forest and XGBoost, and is evaluated on standard benchmark datasets NSL-KDD and CSE-CIC-IDS2018, as well as on a novel, custom-curated network traffic dataset developed to simulate realistic and emerging attack scenarios. Our proposed pipeline achieves 94.3% accuracy and a 92% F1-score on NSL-KDD, with inference times 18% faster than GA-optimized systems. These results demonstrate the effectiveness and generalizability of our integrated approach in achieving real-time intrusion detection across diverse attack types and data distributions. The framework provides a practical and scalable solution for next-generation network-based IDS in highthroughput environments.