Enhancing Cybersecurity with Machine Learning: Development and Evaluation of Intrusion Detection Systems (Published)
The widespread adoption of digital networks and information systems has transformed modern society, but it has also led to a surge in sophisticated cyber threats such as malware, phishing, denial-of-service (DoS) attacks, ransomware, and advanced persistent threats (APTs). Traditional rule-based security systems are increasingly ineffective against these evolving threats, often failing to detect novel attack patterns, leading to false positives, missed detections, and delayed responses. This study aimed to address these challenges by applying machine learning algorithms to improve the accuracy and efficiency of cyber-attack detection. Using the UNSW-NB15 dataset, which contains 175,341 training and 82,332 testing records representing both benign and malicious network traffic with 49 relevant features, the research applied synthetic minority over-sampling technique (SMOTE) to balance the dataset and principal component analysis (PCA) to reduce feature dimensionality by retaining up to 95% of data variance. Five machine learning models Support Vector Machine (SVM), K-Nearest Neighbors (KNN), Artificial Neural Network (ANN), Decision Tree, and Random Forest were trained and evaluated using metrics such as accuracy, precision, recall, and F1 score.The results demonstrated that KNN achieved the highest accuracy of 94.69%, with balanced precision (95.31%), recall (93.96%), and F1 score (94.63%), showing robust classification of both attack and non-attack instances. Random Forest and ANN also showed strong performances with accuracies of 92.81% and 95%, respectively, highlighting their effectiveness in handling complex cybersecurity data. SVM and Decision Tree had slightly lower accuracies of 90.88% and 92.22%. These findings confirm the value of machine learning, especially KNN and ensemble methods, for real-world intrusion detection. Regular model retraining is essential to address emerging attack patterns and maintain effective cybersecurity defenses.
Keywords: Feature Selection, cyber security, cyber threats, intrusion detection, machine learning