Abstract
The increasing sophistication and frequency of cyberattacks have intensified the need for Intrusion Detection Systems (IDS) that are both accurate and adaptive. Traditional IDS, whether signature-based or anomaly-based, provides foundational protection but faces well-documented limitations: signature-based systems struggle against zero-day exploits, while anomaly-based systems often produce high false positive rates. To address these challenges, researchers and practitioners are increasingly turning to Machine Learning (ML) as a means of enhancing IDS capabilities. This paper explores the integration of ML techniques—supervised, unsupervised, and deep learning—into IDS frameworks and evaluates their effectiveness using widely recognized datasets, including NSL-KDD and CICIDS2017. Supervised learning methods such as Random Forest and Support Vector Machines (SVM) demonstrate strong classification abilities, while unsupervised clustering approaches offer promise in identifying novel attacks. Deep learning models, particularly Recurrent Neural Networks (RNNs), show state-of-the-art performance in capturing sequential traffic patterns and detecting subtle anomalies. In addition to model comparisons, this study emphasizes the practical relevance of ML-enhanced IDS by examining its integration with established tools like Snort and Zeek. Our results highlight that ML-driven IDS consistently outperforms traditional approaches, with RNNs and Random Forest achieving the highest balance of accuracy and efficiency. The findings underscore the potential of ML-based IDS to serve as the next frontier in cybersecurity, offering improved detection accuracy, reduced false alarms, and adaptability to evolving threats. At the same time, challenges remain in terms of dataset representativeness, computational demands, and the interpretability of deep learning models. 
By situating the analysis within both academic research and real-world deployment contexts, this paper contributes to a clearer understanding of the opportunities and trade-offs in advancing IDS through machine learning.
Suggested Citation
Muhammad Rashid, Arbab Masood Ahmad, Yasir Saleem Afridi, Rehmat Ullah, 2025.
"A Hybrid Machine-Learning Framework for Intrusion Detection: Comparative Evaluation and Statistical Validation,"
International Journal of Innovations in Science & Technology, 50sea, vol. 7(4), pages 2351-2364, October.
Handle:
RePEc:abq:ijist1:v:7:y:2025:i:4:p:2351-2364