Leveraging stacking machine learning models and optimization for improved cyberattack detection.

Authors

Pramanick Neha, Mathew Jimson, Selvarajan Shitharth, Agarwal Mayank

Affiliations

Computer Science and Engineering, IIT Patna, Patna, Bihar, 801103, India.

Department of Computer Science, Kebri Dehar University, 250, Kebri Dehar, Ethiopia.

Publication information

Sci Rep. 2025 May 14;15(1):16757. doi: 10.1038/s41598-025-01052-9.

Abstract

The ever-growing number of complex cyber attacks calls for high-level intrusion detection systems (IDS). While the available research covers traditional, hybrid, and ensemble methods for network data analysis, serious challenges remain in producing robust and highly accurate detection systems. Managing high-dimensional network traffic is difficult because current methodologies are limited in handling imbalanced data (minority versus majority classes) and suffer from a high false positive rate in classification. This study introduces an innovative framework that directly addresses these persistent challenges through a novel approach to intrusion detection. The proposed method integrates two ML models, J48 and ExtraTreeClassifier, for classification. In addition, we propose an enhanced equilibrium optimizer (EEO), a modification of the earlier equilibrium optimizer (EO). In the EEO, the Fisher score and the accuracy score of the K-Nearest Neighbors (KNN) algorithm are used to select the attributes optimally, whereas the synthetic minority oversampling technique combined with iterative partitioning filters (SMOTE-IPF) is used to provide class balancing. The KNN technique is also used for data imputation to improve the overall system accuracy. The superior performance of the framework has been validated experimentally on several benchmark datasets, i.e., NSL-KDD and UNSW-NB15, achieving 99.7% and 98.1% accuracy and F1 scores of 99.6 and 98.0, respectively. Through a comparative analysis with recent state-of-the-art works, this paper shows that the proposed methodology yields improvements in feature selection precision, classification accuracy, handling of minority class instances, lower storage demands, and computational efficiency.
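As an added illustration (not code from the paper), the sketch below scores a candidate feature subset in the way the abstract outlines, combining a Fisher score with KNN accuracy. The sample records, the `alpha` weighting, the normalisation and the exhaustive search standing in for the EEO are all assumptions, since the abstract does not specify them.

```python
from itertools import product
from math import dist

# Constructed, imbalanced sample (6 normal, 3 attack). Feature 0 separates the
# classes, feature 1 is weakly informative, feature 2 is noise.
DATA = [
    ((0.10, 0.50, 0.90), 0), ((0.20, 0.40, 0.10), 0), ((0.15, 0.60, 0.50), 0),
    ((0.25, 0.55, 0.30), 0), ((0.05, 0.45, 0.70), 0), ((0.30, 0.50, 0.20), 0),
    ((0.90, 0.60, 0.80), 1), ((0.80, 0.70, 0.15), 1), ((0.85, 0.65, 0.45), 1),
]

def fisher_scores(data):
    """Per-feature Fisher score: between-class over within-class scatter."""
    scores = []
    for j in range(len(data[0][0])):
        col = [x[j] for x, _ in data]
        mu, num, den = sum(col) / len(col), 0.0, 0.0
        for c in {y for _, y in data}:
            vals = [x[j] for x, y in data if y == c]
            mu_c = sum(vals) / len(vals)
            num += len(vals) * (mu_c - mu) ** 2
            den += sum((v - mu_c) ** 2 for v in vals)
        scores.append(num / den if den else 0.0)
    return scores

def knn_loo_accuracy(data, mask, k=3):
    """Leave-one-out KNN accuracy using only the features where mask[j] == 1."""
    proj = [([v for v, m in zip(x, mask) if m], y) for x, y in data]
    hits = 0
    for i, (xi, yi) in enumerate(proj):
        near = sorted((dist(xi, xj), yj) for n, (xj, yj) in enumerate(proj) if n != i)
        votes = [y for _, y in near[:k]]
        hits += max(set(votes), key=votes.count) == yi
    return hits / len(proj)

def fitness(data, mask, alpha=0.5):
    """Assumed weighting (not from the paper): KNN accuracy blended with the
    mean Fisher score of the kept features, normalised by the best feature."""
    fs = fisher_scores(data)
    kept = [f for f, m in zip(fs, mask) if m]
    return alpha * knn_loo_accuracy(data, mask) + (1 - alpha) * (sum(kept) / len(kept)) / max(fs)

def best_subset(data):
    """Exhaustive search over non-empty masks; a stand-in for the optimizer."""
    masks = [m for m in product((0, 1), repeat=len(data[0][0])) if any(m)]
    return max(masks, key=lambda m: fitness(data, m))

if __name__ == "__main__":
    print(best_subset(DATA), [round(s, 3) for s in fisher_scores(DATA)])
```

On this constructed data the search keeps only the separating feature, because adding the weak or noisy columns lowers the mean Fisher term without improving KNN accuracy.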
