A Hybrid Random Forest and LSTM-Based Intrusion Detection System Using CICIDS2017 Network Traffic Data | IJCSE Volume 10 – Issue 2 | IJCSE-V10I2P34
International Journal of Computer Science Engineering Techniques
ISSN: 2455-135X
Volume 10, Issue 2
Author
Rohan Magar, Pravin Dhole, Bharti Gawali
Abstract
This study presents an intrusion detection system (IDS) for securing modern network infrastructures against advanced cyberattacks. Conventional detection methods tend to lack accuracy and to break down frequently in evolving networks. The study aims to develop a hybrid intrusion detection approach that combines Random Forest (RF) and long short-term memory (LSTM) models to exploit complementary feature-level and temporal learning. The method was evaluated on the CICIDS2017 dataset with a detailed preprocessing pipeline comprising data cleaning, feature selection, and handling of class imbalance with the synthetic minority oversampling technique (SMOTE). The RF model is good at learning the relationships between features, and the LSTM model learns the temporal dynamics of network traffic. The predictions of the two models were combined in a weighted manner to form an integrated model. The experimental findings indicate that the proposed hybrid model has an accuracy of 99.90% and an ROC-AUC of 0.99993. Moreover, the model produces significantly fewer false negatives than the individual models, thereby improving its attack detection capacity. The findings show that the proposed hybrid approach is a strong and effective solution for intrusion detection in real-world networks.
Keywords
Hybrid Model, CICIDS2017 Dataset, Machine Learning, Deep Learning, Network Security, SMOTE, Cybersecurity
Conclusion
This study presents a hybrid intrusion detection approach that combines RF and LSTM to improve the detection of malicious network traffic. The model was evaluated on the CICIDS2017 dataset, and the data preprocessing pipeline involved data cleaning, feature extraction, and imbalance correction using SMOTE. Experimental findings show that the proposed hybrid model outperforms both standalone models, achieving high accuracy and ROC-AUC values and a considerable decrease in false negatives.
The proposed model is effective because machine learning and deep learning techniques complement each other. RF captures feature-level relationships in structured data, while LSTM adds temporal dependencies and latent patterns. Combined, these methods gave the model better generalization and detection ability, making it applicable to real-world intrusion detection.
Although the proposed approach demonstrates good performance, it has certain weaknesses. First, the hybrid model adds computational complexity and requires more training time than the standalone models. Second, the analysis focused on one dataset, which could affect the generalization of the findings to other network setups in the future. The proposed hybrid model demonstrates strong potential for real-time deployment in modern network intrusion detection environments.
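The weighted combination of RF and LSTM predictions described in the abstract can be sketched as soft voting over per-flow attack scores. The following is an added example, not the authors' code: the scores, labels, weight grid, 0.5 alert threshold and the function names fuse, confusion and pick_weight are all constructed for illustration, since the page does not state the weights the paper used.

```python
# Added illustration: weighted soft voting over two detectors' attack scores.
# Scores, labels, weight grid and threshold are constructed, not from the paper.

def fuse(p_rf, p_lstm, w_rf):
    """Per-flow weighted average: w_rf * RF score + (1 - w_rf) * LSTM score."""
    if not 0.0 <= w_rf <= 1.0:
        raise ValueError("w_rf must lie in [0, 1]")
    if len(p_rf) != len(p_lstm):
        raise ValueError("score vectors must align flow for flow")
    return [w_rf * a + (1.0 - w_rf) * b for a, b in zip(p_rf, p_lstm)]

def confusion(y_true, scores, threshold=0.5):
    """Return (tp, fp, fn, tn), where label 1 means attack."""
    tp = fp = fn = tn = 0
    for y, s in zip(y_true, scores):
        alert = s >= threshold
        if y == 1 and alert:
            tp += 1
        elif y == 1:
            fn += 1  # missed attack: the costly error for an IDS
        elif alert:
            fp += 1
        else:
            tn += 1
    return tp, fp, fn, tn

def pick_weight(y_true, p_rf, p_lstm, steps=10):
    """Grid-search w_rf on a validation split: fewest misses, then fewest
    false alarms, then the weight closest to equal voting."""
    best_key, best_w = None, None
    for i in range(steps + 1):
        w = i / steps
        _, fp, fn, _ = confusion(y_true, fuse(p_rf, p_lstm, w))
        key = (fn, fp, abs(w - 0.5))
        if best_key is None or key < best_key:
            best_key, best_w = key, w
    return best_w

# Constructed validation flows: four attacks followed by four benign flows.
Y      = [1, 1, 1, 1, 0, 0, 0, 0]
P_RF   = [0.90, 0.35, 0.80, 0.95, 0.10, 0.20, 0.45, 0.05]
P_LSTM = [0.85, 0.75, 0.30, 0.90, 0.15, 0.40, 0.20, 0.10]

if __name__ == "__main__":
    w = pick_weight(Y, P_RF, P_LSTM)
    print("RF alone   :", confusion(Y, P_RF))
    print("LSTM alone :", confusion(Y, P_LSTM))
    print("fused w=%.1f:" % w, confusion(Y, fuse(P_RF, P_LSTM, w)))
```

In the constructed data each detector misses a different attack, so the fused score recovers both; the weight must be chosen on a split held out from the final test set, or the reported false-negative count is optimistic.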
