An Incremental Learning Framework for Enhancing Intrusion Detection System Using the Random Forest Algorithm

Farid, Raihan (2025) An Incremental Learning Framework for Enhancing Intrusion Detection System Using the Random Forest Algorithm. Other thesis, Institut Teknologi Sepuluh Nopember.

[thumbnail of 5025201141-Undergraduate_Thesis.pdf] Text
5025201141-Undergraduate_Thesis.pdf - Accepted Version
Restricted to Repository staff only until 1 April 2027.

Download (4MB) | Request a copy

Abstract

Penelitian ini mengusulkan kerangka kerja pembelajaran mandiri untuk meningkatkan Sistem Deteksi Intrusi (IDS) dengan memanfaatkan pendekatan pembelajaran inkremental, yang memungkinkan model untuk terus beradaptasi dengan data baru tanpa pelatihan ulang penuh, mengatasi keterbatasan deteksi berbasis tanda tangan tradisional dan kesulitan dalam menangani data besar. Kerangka kerja ini menggunakan kombinasi algoritma, termasuk Random Forest (RF), XGBoost (XGB), dan LightGBM (LGB), melalui metode ensemble, serta metode pemilihan fitur seperti Principal Component Analysis (PCA) dan Recursive Feature Elimination (RFE) untuk meningkatkan efisiensi dan akurasi model. Selain itu, studi ini mengeksplorasi Jaringan Syaraf Tiruan Berulang (RNN) sekuensial dengan berbagai pengoptimal dan fungsi aktivasi. Tujuan utama dari penelitian ini adalah untuk mengevaluasi efektivitas model pembelajaran inkremental dengan pelatihan mini-batch, membandingkan kinerja model jaringan saraf dan algoritma asli, dan menganalisis dampak ketidakseimbangan kelas dalam data lalu lintas jaringan dan pengaruh pemilihan fitur. Hasil penelitian ini menunjukkan bahwa algoritma XGBoost dan Random Forest memiliki kinerja yang sedikit lebih tinggi dibandingkan dengan ensembled-nya, sedangkan LightGBM memiliki kinerja yang sama dengan ensembled. Sedangkan jaringan syaraf tiruan mengakibatkan terjadinya overfitting pada model pada dataset tersebut, sehingga mengakibatkan jaringan syaraf tiruan tersebut memiliki kemampuan yang lebih tinggi dibandingkan dengan algoritma native ensembled
===================================================================================================================================
This research proposes a self-learning framework to enhance Intrusion Detection Systems (IDS) by utilizing an incremental learning approach, which enables the model to continuously adapt to new data without full retraining, addressing the limitations of traditional signature- based detection and the difficulties in handling big data. This framework employs a combination of algorithms, including Random Forest (RF), XGBoost (XGB), and LightGBM (LGB), through an ensemble method, as well as feature selection methods such as Principal Component Analysis (PCA) and Recursive Feature Elimination (RFE) to improve model efficiency and accuracy. Additionally, this study explores sequential Recurrent Neural Networks (RNN) with various optimizers and activation functions. The main objective of this research is to evaluate the effectiveness of incremental learning models with mini-batch training, compare the performance of neural network models and native algorithms, and analyze the impact of class imbalance in network traffic data and the influence of feature selection. The results of this research provided that XGBoost and Random Forest algorithm has slightly higher performance than its ensembled, while the LightGBM has similiar performance with the ensembled.While the neural network resulting in overfitting of the model in the said dataset, resulting in the neural network has higher capabilities than ensembling native algorithm.

Item Type: Thesis (Other)
Uncontrolled Keywords: Incremental Learning, Random Forest, XGBoost, LightGBM, Intrusion Detection Systems. Pembelajaran inkremental, XGBoost, LightGBM, Sistem Deteksi Intrusi, Hutan Acak
Subjects: T Technology > T Technology (General) > T57.5 Data Processing
Divisions: Faculty of Intelligent Electrical and Informatics Technology (ELECTICS) > Informatics Engineering > 55201-(S1) Undergraduate Thesis
Depositing User: Raihan Farid
Date Deposited: 03 Feb 2025 08:49
Last Modified: 03 Feb 2025 08:49
URI: http://repository.its.ac.id/id/eprint/117980

Actions (login required)

View Item View Item