ABSTRACT
Due to their vulnerabilities, networks are increasingly susceptible to cyberattacks. Therefore, the goal of cybersecurity is to ensure that networks are as secure as possible by deploying safeguards that can identify malicious behavior. Firewalls and traditional intrusion detection systems (IDS) have the disadvantage of needing constant updates to their defined databases in order to detect new threats. The present practice in IDS is to use machine learning (ML) models to create more trustable, moderate systems. This study proposed an ML-based IDS model with model interpretability. The dataset is undergoing a preprocessing technique in which feature selection and data balancing are performed to mitigate the bias of the ML classifiers. We use six benchmark ML algorithms, namely Random Forest (RF), Extreme Gradient Boosting, Gradient Boosting Classifier, K-Nearest Neighbor (KNN), Adaptive Boosting, and Logistic Regression. The performance of the algorithms is good in terms of all classification evaluation parameters. Among the classifier’s RF, it shows superiority. RF shows 98% accuracy with 98% precision, recall, and f1 score. This study focuses on the interpretability of ML models beside the classification task. The contribution of individual features helps to find the most dangerous feature to detect intrusion in a network. The proposed IDS model acts as a canine guardian to identify various types of network threats. Researchers in the field of cybersecurity hope that the information gleaned from this study will aid them in developing a simplified yet effective IDS model for use with emerging technologies.
