Authors :
Bibhuti Bhusan Parida; Basta Besra; Basta Hembram; Binod Singh; Binu Singh Munda
Volume/Issue :
Volume 11 - 2026, Issue 5 - May
Google Scholar :
https://tinyurl.com/4v7vxcaf
Scribd :
https://tinyurl.com/277c24yd
DOI :
https://doi.org/10.38124/ijisrt/26may2139
Note : A published paper may take 4-5 working days from the publication date to appear in PlumX Metrics, Semantic Scholar, and ResearchGate.
Abstract :
The rapid growth of network-based applications has significantly increased the risk of cyber-attacks, making accurate and efficient intrusion detection systems essential for modern network security. Traditional intrusion detection approaches often suffer from high computational complexity, limited scalability, and reduced detection performance when dealing with large-scale network traffic. This paper presents an adaptive intrusion detection framework based on the Light Gradient Boosting Machine (LightGBM) algorithm for efficient classification of network intrusions. The proposed framework employs data preprocessing, feature engineering, and feature importance analysis to identify the most relevant network traffic attributes from the UNSW-NB15 dataset. LightGBM is utilized as the primary classification engine due to its fast-training capability, low memory consumption, and superior predictive performance. To improve interpretability and facilitate security analysis, feature importance scores are incorporated to explain attack detection decisions. The performance of the proposed model is evaluated using accuracy, precision, recall, F1-score, and receiver operating characteristic metrics. Experimental results demonstrate that the proposed approach achieves high detection accuracy while maintaining low computational overhead, making it suitable for real-time intrusion detection applications. Comparative analysis with conventional machine learning classifiers indicates the effectiveness and robustness of the proposed LightGBM-based intrusion detection framework for modern cybersecurity environments.
Keywords :
Intrusion Detection System, Network Security, LightGBM, Machine Learning, Cyber Attack Detection, Feature Selection, Explainable Artificial Intelligence, UNSW-NB15.
References :
- W. Stallings, Network Security Essentials: Applications and Standards, 6th ed., Pearson Education, 2017.
- A. A. Ghorbani, W. Lu, and M. Tavallaee, Network Intrusion Detection and Prevention: Concepts and Techniques, Springer, 2010.
- R. Sommer and V. Paxson, "Outside the Closed World: On Using Machine Learning for Network Intrusion Detection," in Proceedings of the IEEE Symposium on Security and Privacy, 2010, pp. 305–316.
- M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, "A Detailed Analysis of the KDD CUP 99 Dataset," in Proceedings of the IEEE Symposium on Computational Intelligence for Security and Defense Applications, 2009, pp. 1–6.
- S. M. Kasongo and Y. Sun, "Performance Analysis of Intrusion Detection Systems Using a Feature Selection Method on the UNSW-NB15 Dataset," Journal of Big Data, vol. 7, no. 105, pp. 1–20, 2020.
- M. Ring, D. Landes, D. Wunderlich, S. Scheuring, D. Landes, and A. Hotho, "A Survey of Network-Based Intrusion Deection Data Sets," Computers & Security, vol. 86, pp. 147–167, 2019.
- G. Ke, Q. Meng, T. Finley, T. Wang, W. Chen, W. Ma, Q. Ye, and T.-Y. Liu, "LightGBM: A Highly Efficient Gradient Boosting Decision Tree," in Advances in Neural Information Processing Systems (NeurIPS), vol. 30, 2017.
- N. Moustafa and J. Slay, "UNSW-NB15: A Comprehensive Data Set for Network Intrusion Detection Systems (UNSW-NB15 Network Data Set)," in Military Communications and Information Systems Conference (MilCIS), IEEE, 2015, pp. 1–6.
- N. Moustafa and J. Slay, "The Evaluation of Network Anomaly Detection Systems: Statistical Analysis of the UNSW-NB15 Dataset and the Comparison with the KDD99 Dataset," Information Security Journal: A Global Perspective, vol. 25, no. 1–3, pp. 18–31, 2016.
- M. A. Ambusaidi, X. He, P. Nanda, and Z. Tan, "Building an Intrusion Detection System Using a Filter-Based Feature Selection Algorithm," IEEE Transactions on Computers, vol. 65, no. 10, pp. 2986–2998, 2016.
- I. Almomani, B. Al-Kasasbeh, and M. Al-Akhras, "WSN-DS: A Dataset for Intrusion Detection Systems in Wireless Sensor Networks," Journal of Sensors, vol. 2016, Article ID 4731953, 2016.
- N. Shone, T. N. Ngoc, V. D. Phai, and Q. Shi, "A Deep Learning Approach to Network Intrusion Detection," IEEE Transactions on Emerging Topics in Computational Intelligence, vol. 2, no. 1, pp. 41–50, 2018.
- J. Kim, J. Kim, H. L. T. Thu, and H. Kim, "Long Short-Term Memory Recurrent Neural Network Classifier for Intrusion Detection," International Conference on Platform Technology and Service, pp. 1–5, 2016.
- G. Ke, Q. Meng, T. Finley, T. Wang, W. Chen, W. Ma, Q. Ye, and T. Y. Liu, "LightGBM: A Highly Efficient Gradient Boosting Decision Tree," Advances in Neural Information Processing Systems, vol. 30, pp. 3146–3154, 2017.
- Y. Zhou, G. Cheng, S. Jiang, and M. Dai, "Building an Efficient Intrusion Detection System Based on Feature Selection and Ensemble Classifier," Computer Networks, vol. 174, Article 107247, 2020.
- H. Liu and H. Motoda, Feature Selection for Knowledge Discovery and Data Mining, Springer, 2012.
- M. Ring, S. Wunderlich, D. Grüdl, D. Landes, and A. Hotho, "Flow-Based Benchmark Data Sets for Intrusion Detection," Proceedings of the 16th European Conference on Cyber Warfare and Security, pp. 361–369, 2017.
The rapid growth of network-based applications has significantly increased the risk of cyber-attacks, making accurate and efficient intrusion detection systems essential for modern network security. Traditional intrusion detection approaches often suffer from high computational complexity, limited scalability, and reduced detection performance when dealing with large-scale network traffic. This paper presents an adaptive intrusion detection framework based on the Light Gradient Boosting Machine (LightGBM) algorithm for efficient classification of network intrusions. The proposed framework employs data preprocessing, feature engineering, and feature importance analysis to identify the most relevant network traffic attributes from the UNSW-NB15 dataset. LightGBM is utilized as the primary classification engine due to its fast-training capability, low memory consumption, and superior predictive performance. To improve interpretability and facilitate security analysis, feature importance scores are incorporated to explain attack detection decisions. The performance of the proposed model is evaluated using accuracy, precision, recall, F1-score, and receiver operating characteristic metrics. Experimental results demonstrate that the proposed approach achieves high detection accuracy while maintaining low computational overhead, making it suitable for real-time intrusion detection applications. Comparative analysis with conventional machine learning classifiers indicates the effectiveness and robustness of the proposed LightGBM-based intrusion detection framework for modern cybersecurity environments.
Keywords :
Intrusion Detection System, Network Security, LightGBM, Machine Learning, Cyber Attack Detection, Feature Selection, Explainable Artificial Intelligence, UNSW-NB15.