{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T09:18:36Z","timestamp":1773739116374,"version":"3.50.1"},"reference-count":26,"publisher":"Springer Science and Business Media LLC","issue":"5","license":[{"start":{"date-parts":[[2023,4,3]],"date-time":"2023-04-03T00:00:00Z","timestamp":1680480000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,4,3]],"date-time":"2023-04-03T00:00:00Z","timestamp":1680480000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Complex Intell. Syst."],"published-print":{"date-parts":[[2023,10]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>The growth of Internet and the services provided by it has been growing exponentially in the past few decades. With such growth, there is also an ever-increasing threat to the security of networks. Several efficient countermeasures have been placed to deal with these threats in the network, such as the intrusion detection system (IDS). This paper proposes an ensemble learning-based method for building an intrusion detection model. The model proposed in this paper has relatively better overall performance than its individual classifiers. This ensemble model is constructed using lightweight machine learning models, i.e., Gaussian naive Bayes, logistic regression and decision tree as the base classifier and stochastic gradient descent as the meta-classifier. The performance of this proposed model and the individual classifiers used to build the ensemble model is trained and evaluated using three datasets, namely, KDD Cup 1999, UNSW-NB15 and CIC-IDS2017. The performance is evaluated for binary class as well as multiclass classifications. The proposed method also incorporates the usage of a feature selection method called Chi-square test to select only the most relevant features. The empirical results definitively prove that using an ensemble classifier can be immensely helpful in the field of intrusion detection system with unbalanced datasets where misclassifications can be costly.\n<\/jats:p>","DOI":"10.1007\/s40747-023-01013-7","type":"journal-article","created":{"date-parts":[[2023,4,3]],"date-time":"2023-04-03T10:11:46Z","timestamp":1680516706000},"page":"5693-5714","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":89,"title":["A novel ensemble learning-based model for network intrusion detection"],"prefix":"10.1007","volume":"9","author":[{"given":"Ngamba","family":"Thockchom","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7314-9645","authenticated-orcid":false,"given":"Moirangthem Marjit","family":"Singh","sequence":"additional","affiliation":[]},{"given":"Utpal","family":"Nandi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,4,3]]},"reference":[{"key":"1013_CR1","first-page":"1857","volume":"1","author":"TG Dietterich","year":"2000","unstructured":"Dietterich TG (2000) Ensemble methods in machine learning multiple classifier systems MCS 2000. Lect Note Comput Sci. 1:1857","journal-title":"Lect Note Comput Sci."},{"key":"1013_CR2","volume-title":"Outside the Closed World: On Using Machine Learning for Network Intrusion Detection","author":"R Sommer","year":"2010","unstructured":"Sommer R, Paxson V (2010) Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. IEEE Symposium on Security and Privacy, Berkeley\/Oakland, CA"},{"key":"1013_CR3","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1186\/s13673-018-0125-x","volume":"8","author":"A Souri","year":"2018","unstructured":"Souri A, Hosseini R (2018) A state-of-the-art survey of malware detection approaches using data mining techniques. Hum Cent Comput Inf Sci 8:3. https:\/\/doi.org\/10.1186\/s13673-018-0125-x","journal-title":"Hum Cent Comput Inf Sci"},{"key":"1013_CR4","volume-title":"Recent Advances in Intrusion Detection","author":"K Wang","year":"2004","unstructured":"Wang K, Stolfo SJ (2004) Anomalous Payload-Based Network Intrusion Detection. In: Jonsson E (ed) Recent Advances in Intrusion Detection. Lecture Notes in Computer Science, Heidelberg"},{"key":"1013_CR5","doi-asserted-by":"publisher","first-page":"2249","DOI":"10.35940\/ijeat.C5809.029320","volume":"9","author":"AR Sonule","year":"2020","unstructured":"Sonule AR, Kalla M (2020) Unsw-Nb15 Dataset and Machine Learning Based Intrusion Detection Systems. Inter J Eng Adv Technol. 9:2249\u20138958","journal-title":"Inter J Eng Adv Technol."},{"key":"1013_CR6","doi-asserted-by":"publisher","first-page":"442","DOI":"10.1016\/j.procs.2018.10.416","volume":"143","author":"TH Divyasree","year":"2018","unstructured":"Divyasree TH, Sherly KK (2018) A Network Intrusion Detection System Based On Ensemble CVM Using Efficient Feature Selection Approach. Procedia Comp Sci. 143:442\u2013449","journal-title":"Procedia Comp Sci."},{"key":"1013_CR7","first-page":"422","volume":"22","author":"Y Wang","year":"2016","unstructured":"Wang Y, Shen Y, Zhang G (2016) Research on intrusion detection model using ensemble learning methods. Inter Software Eng Ser Sci. 22:422\u2013425","journal-title":"Inter Software Eng Ser Sci."},{"key":"1013_CR8","doi-asserted-by":"publisher","first-page":"8938","DOI":"10.1007\/s11227-020-03196-z","volume":"76","author":"G Kumar","year":"2020","unstructured":"Kumar G, Thakur K, Ayyagari MR (2020) MLEsIDSs: machine learningbased ensembles for intrusion detection systems\u2014a review. J Supercomput 76:8938\u20138971. https:\/\/doi.org\/10.1007\/s11227-020-03196-z","journal-title":"J Supercomput"},{"key":"1013_CR9","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-020-04986-5","author":"H Rajadurai","year":"2020","unstructured":"Rajadurai H, Gandhi U (2020) A stacked ensemble learning model for intrusion detection in wireless network. Neural Comput & Applic. https:\/\/doi.org\/10.1007\/s00521-020-04986-5","journal-title":"Neural Comput & Applic"},{"key":"1013_CR10","first-page":"4586875","volume":"20","author":"S Rajagopal","year":"2020","unstructured":"Rajagopal S, Kundapur PP, Hareesha KS (2020) A Stacking ensemble for network intrusion detection using heterogeneous datasets\". Sec Commun Net 20:4586875","journal-title":"Sec Commun Net"},{"key":"1013_CR11","first-page":"2009","volume":"1","author":"M Sabhnani","year":"2003","unstructured":"Sabhnani M, Serpen G (2003) Application of machine learning algorithms to KDD intrusion detection dataset within misuse detection context. Inter Mach Learn Model. 1:2009\u20132215","journal-title":"Inter Mach Learn Model."},{"issue":"4","key":"1013_CR12","doi-asserted-by":"publisher","first-page":"295","DOI":"10.1016\/j.cose.2004.09.008","volume":"24","author":"S Chebrolu","year":"2005","unstructured":"Chebrolu S, Abraham A, Thomas J (2005) Feature deduction and ensemble design of intrusion detection systems. Comput Secur 24(4):295\u2013307","journal-title":"Comput Secur"},{"key":"1013_CR13","first-page":"105","volume-title":"Applications of information systems to homeland security and defense","author":"A Abraham","year":"2005","unstructured":"Abraham A, Thomas J (2005) Distributed intrusion detection systems: a computational intelligence approach. In: Abbass HA, Essam D (eds) Applications of information systems to homeland security and defense. Idea Group Inc., Publishers, Hershey, pp 105\u2013135"},{"issue":"2","key":"1013_CR14","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1016\/j.jnca.2004.01.003","volume":"28","author":"S Mukkamala","year":"2005","unstructured":"Mukkamala S, Sung A, Abraham A (2005) Intrusion detection using an ensemble of intelligent paradigms. J Netw Comput Appl 28(2):167\u2013182","journal-title":"J Netw Comput Appl"},{"key":"1013_CR15","first-page":"217","volume":"4","author":"A Zainal","year":"2009","unstructured":"Zainal A, Maarof M, Shamsuddin S et al (2009) Ensemble classifers for network intrusion detection system. J Inf Assur Secur 4:217\u2013225","journal-title":"J Inf Assur Secur"},{"issue":"24","key":"1013_CR16","doi-asserted-by":"publisher","first-page":"4097","DOI":"10.1016\/j.ins.2009.08.025","volume":"179","author":"E Menahem","year":"2009","unstructured":"Menahem E, Rokach L, Elovici Y (2009) Troika\u2014an improved stacking schema for classifcation tasks. Inf Sci 179(24):4097\u20134122","journal-title":"Inf Sci"},{"issue":"4","key":"1013_CR17","doi-asserted-by":"publisher","first-page":"626","DOI":"10.1080\/18756891.2013.802114","volume":"6","author":"Y Meng","year":"2013","unstructured":"Meng Y, Kwok LF (2013) Enhancing false alarm reduction using voted ensemble selection in intrusion detection. Int J Computl Intell Syst 6(4):626\u2013638","journal-title":"Int J Computl Intell Syst"},{"key":"1013_CR18","doi-asserted-by":"publisher","first-page":"989","DOI":"10.1109\/IntelliSys.2015.7361264","volume":"22","author":"NF Haq","year":"2015","unstructured":"Haq NF, Onik AR, Shah FM (2015) An ensemble framework of anomaly detection using hybridized feature selection approach (hfsa). SAI Intel Syst Confer (IntelliSys). 22:989\u2013995","journal-title":"SAI Intel Syst Confer (IntelliSys)."},{"key":"1013_CR19","volume-title":"Advances in computer science and ubiquitous computing","author":"BA Tama","year":"2015","unstructured":"Tama BA, Rhee KH (2015) A combination of PSO-based feature selection and tree-based classifers ensemble for intrusion detection systems. In: Rhee KH (ed) Advances in computer science and ubiquitous computing. Springer, Newyork"},{"key":"1013_CR20","doi-asserted-by":"publisher","first-page":"0167","DOI":"10.1016\/j.cose.2017.06.005","volume":"70","author":"C Khammassi","year":"2017","unstructured":"Khammassi C, Krichen S (2017) A GA-LR wrapper approach for feature selection in network intrusion detection. Comp Sec 70:0167\u20134048. https:\/\/doi.org\/10.1016\/j.cose.2017.06.005","journal-title":"Comp Sec"},{"key":"1013_CR21","doi-asserted-by":"publisher","first-page":"103285","DOI":"10.1016\/j.micpro.2020.103285","volume":"79","author":"N Satheesh","year":"2020","unstructured":"Satheesh N, Rathnamma MV, Rajeshkumar G, Vidya Sagar P, Pankaj Dadheech SR, Dogiwal PV, Sengan S (2020) Flow-based anomaly intrusion detection using machine learning model with software defined networking for OpenFlow network. Microproc Microsyst. 79:103285","journal-title":"Microproc Microsyst."},{"key":"1013_CR22","first-page":"102899","volume":"61","author":"NB Singh","year":"2021","unstructured":"Singh NB, Singh MM, Sarkar A, Mandal JK (2021) A novel wide & deep transfer learning stacked GRU framework for network intrusion detection. J Inform Security Appl. 61:102899","journal-title":"J Inform Security Appl."},{"key":"1013_CR23","doi-asserted-by":"publisher","first-page":"103261","DOI":"10.1016\/j.micpro.2020.103261","volume":"79","author":"S Manimurugan","year":"2020","unstructured":"Manimurugan S, Majdi A-q, Mustaffa Mohmmed C, Narmatha RV (2020) Intrusion detection in networks using crow search optimization algorithm with adaptive neuro-fuzzy inference system. Microproc Microsysts. 79:103261","journal-title":"Microproc Microsysts."},{"key":"1013_CR24","first-page":"1","volume":"55","author":"T Hwang","year":"2007","unstructured":"Hwang T, Lee T, Lee Y (2007) A three-tier ids via data mining approach. Proc ACM Workshop Min Net. 55:1\u20136","journal-title":"Proc ACM Workshop Min Net."},{"issue":"4","key":"1013_CR25","doi-asserted-by":"publisher","first-page":"507","DOI":"10.1007\/s00778-006-0002-5","volume":"16","author":"L Khan","year":"2007","unstructured":"Khan L, Awad M, Thuraisingham B (2007) A new intrusion detection system using support vector machines and hierarchical clustering. VLDB J Int J Very Large Data Bases 16(4):507\u2013521","journal-title":"VLDB J Int J Very Large Data Bases"},{"issue":"3","key":"1013_CR26","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1109\/MCAS.2006.1688199","volume":"6","author":"R Polikar","year":"2006","unstructured":"Polikar R (2006) Ensemble based systems in decision making. IEEE Circuits Syst Mag 6(3):21\u201345","journal-title":"IEEE Circuits Syst Mag"}],"container-title":["Complex &amp; Intelligent Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s40747-023-01013-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s40747-023-01013-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s40747-023-01013-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,22]],"date-time":"2023-09-22T17:24:52Z","timestamp":1695403492000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s40747-023-01013-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,4,3]]},"references-count":26,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2023,10]]}},"alternative-id":["1013"],"URL":"https:\/\/doi.org\/10.1007\/s40747-023-01013-7","relation":{},"ISSN":["2199-4536","2198-6053"],"issn-type":[{"value":"2199-4536","type":"print"},{"value":"2198-6053","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,4,3]]},"assertion":[{"value":"2 August 2021","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"17 February 2023","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"3 April 2023","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"There are no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}