Treffer: Adaptive Hybrid Information Gain and Autoencoder-Based Feature Selection with Ensemble Recurrent Extreme Learning Machine for Enhanced Network Intrusion Detection Systems.

Intrusion Detection Systems (IDSs) play a crucial role in addressing the constantly rising, dynamic, and high-speed network cyber threats. Traditional signature-based systems are generally ineffective at detecting zero-day or low-frequency attacks. This research aims to enhance real-time intrusion detection by designing an optimized hybrid model that incorporates information gain, autoencoder-based feature reduction, and a gradient boosting ensemble classifier. The method employs a two-step feature selection process, first utilizing information gain to select discriminative features, followed by the application of autoencoder-based dimension reduction. The resulting features are used to train the ensemble of XGBoost, LightGBM, and CatBoost classifiers. Experiments were conducted on the CICIDS2018 dataset, which has over 1 million network traffic samples. All the ensemble classifiers demonstrated excellent detection performance, with ROC-AUC values exceeding 0.90 for all three. 99% accuracy and 80% recall were achieved for DDoS attack detection. The performance worsened for minority attack types such as botnets and brute-force attacks, with recall values of 37% and 28%, respectively. These findings demonstrate that the suggested system is efficient in detecting large-scale and high-frequency attacks, with its modularity and scalability enabling real-time feasibility. The problem of minority attack detection remains, however. Future work entails addressing class imbalance and exploring adaptive deep learning models for enhanced detection of rare attack classes. [ABSTRACT FROM AUTHOR]