ENIDS: A Deep Learning-Based Ensemble Framework for Network Intrusion Detection Systems

Rapid and widespread adoption of emerging Information Technology (IT) infrastructures and services in commercial and private endeavors opens new horizons for novel cyberattacks. Network Intrusion Detection Systems (NIDS) gained attention as an effective means of combating various cyber threats. Recent research demonstrates the potency of machine learning (ML) and deep learning (DL) approaches in the development of NIDS. In this paper, we propose a DL-based framework called the Ensemble Framework for Network Intrusion Detection System (ENIDS) to detect various types of cyberattacks, which includes dynamic data pre-processing, optimal feature selection, the handling of imbalanced data samples, and a DL-based ensemble model. Our DL-based ensemble model is comprised of two layers: the base learner and the meta-learner. The base learner is composed of three robust DL models: convolutional neural networks (CNN), long short-term memory (LSTM), and gated recurrent units (GRU), and the meta-learner is a deep neural network (DNN) model. The proposed framework experimented with two publicly available and popular network traffic datasets, namely UNSW-15 and CICIDS-2017. In the UNSW-15 and CICIDS-2017 datasets, our proposed framework detects cyberattacks with an accuracy of 90.6% and 99.6% and an F1-score of 90.5 and 99.6%, respectively. According to experimental findings, the proposed ensemble framework outperforms existing state-ofthe-art approaches and demonstrates better performance than benchmark DL methods in terms of accuracy, F1-score, and execution time for training and testing.