Advanced Threat Detection Using Soft and Hard Voting Techniques in Ensemble Learning

Hanan Ghali Jabbar

Abstract


This study addresses the challenge of detecting network intrusions by exploring the efficacy of ensemble learning methods over traditional machine learning models. The problem of network security is exacerbated by sophisticated cyber-attack techniques that standard single-model approaches often fail to counter effectively. Our solution employs a robust ensemble methodology to improve detection rates. The research contribution lies in the comparative analysis of individual machine learning models—K-Nearest Neighbors (KNN), Decision Trees (DT), and Gradient Boosting (GB)—against ensemble methods employing soft and hard voting classifiers. This study is one of the first to quantify the performance gains of ensemble methods in the context of network intrusion detection. Our methodological approach involves applying these models to the WSNBFSF dataset, which consists of traffic types including normal operations and various attacks. Performance metrics such as accuracy, precision, recall, and F1-score are calculated to assess the effectiveness of each model. The ensemble methods combine the strengths of individual models using voting systems, which are tested against the same metrics. Results indicate that while individual models like DT and GB achieved near-perfect accuracy scores (99.95% and 99.9%, respectively), the ensemble models performed even better. The soft voting classifier achieved an accuracy of 99.967%, and the hard voting classifier reached 100%, demonstrating their superior capability in network traffic classification and intrusion detection. In conclusion, the integration of ensemble methods significantly enhances the detection accuracy and reliability of network intrusion systems. Future research should explore additional ensemble techniques and consider scalability and class imbalance issues to further refine the efficacy of intrusion detection systems.
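The difference between the two voting rules compared in the abstract, as an added example (not code from the paper): hard voting counts each model's predicted label, while soft voting averages the models' class probabilities. The class labels, flow names and probability values below are constructed for illustration and are not taken from the dataset.

```python
from collections import Counter

CLASSES = ("normal", "attack")  # constructed labels, not the dataset's own class names

# Constructed per-model class probabilities for three flows (illustrative values only).
FLOWS = {
    # Two lukewarm "normal" votes against one confident "attack" vote.
    "flow_a": {"KNN": {"normal": 0.55, "attack": 0.45},
               "DT":  {"normal": 0.60, "attack": 0.40},
               "GB":  {"normal": 0.05, "attack": 0.95}},
    "flow_b": {"KNN": {"normal": 0.90, "attack": 0.10},
               "DT":  {"normal": 0.80, "attack": 0.20},
               "GB":  {"normal": 0.70, "attack": 0.30}},
    # A decision tree with pure leaves emits 0/1 probabilities, which weigh
    # heavily in the soft-vote average unless the models are calibrated.
    "flow_c": {"KNN": {"normal": 0.10, "attack": 0.90},
               "DT":  {"normal": 0.00, "attack": 1.00},
               "GB":  {"normal": 0.60, "attack": 0.40}},
}

def argmax_label(proba):
    """Label with the highest probability; ties go to the class listed first."""
    return max(CLASSES, key=lambda c: proba[c])

def hard_vote(probas):
    """Majority vote over each model's predicted label."""
    votes = Counter(argmax_label(p) for p in probas.values())
    top = max(votes.values())
    return next(c for c in CLASSES if votes[c] == top)  # deterministic tie-break

def soft_vote(probas, weights=None):
    """Weighted average of class probabilities, then argmax. Returns (label, averages)."""
    weights = weights or {m: 1.0 for m in probas}
    total = sum(weights.values())
    avg = {c: sum(weights[m] * p[c] for m, p in probas.items()) / total
           for c in CLASSES}
    return argmax_label(avg), avg

def compare(flows):
    """Map each flow to its (hard-vote label, soft-vote label) pair."""
    return {name: (hard_vote(p), soft_vote(p)[0]) for name, p in flows.items()}

if __name__ == "__main__":
    for name, (hard, soft) in compare(FLOWS).items():
        flag = "" if hard == soft else "  <- voting rules disagree"
        print(f"{name}: hard={hard:<6} soft={soft:<6}{flag}")
```

On `flow_a` the two rules disagree: the majority label is "normal", but the single confident model pulls the averaged probability to "attack", which is the kind of flow worth inspecting when choosing between the two ensembles.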

Keywords


Network Intrusion Detection; Machine Learning; Ensemble Learning; K-Nearest Neighbors; Decision Tree; Gradient Boosting; Voting Classifiers; Cybersecurity.


DOI: https://doi.org/10.18196/jrc.v5i4.22005


Copyright (c) 2024 Hanan Ghali Jabbar

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

 


Journal of Robotics and Control (JRC)

P-ISSN: 2715-5056 || E-ISSN: 2715-5072
Organized by Peneliti Teknologi Teknik Indonesia
Published by Universitas Muhammadiyah Yogyakarta in collaboration with Peneliti Teknologi Teknik Indonesia, Indonesia and the Department of Electrical Engineering
Website: http://journal.umy.ac.id/index.php/jrc
Email: jrcofumy@gmail.com

