Enhancing Intrusion Detection Systems by Integrating Support Vector Machine and Random Forest Classifiers Using Dempster-Shafer Theory

doi:10.25139/inform.v11i1.11075

Authors

DOI:

https://doi.org/10.25139/inform.v11i1.11075

Keywords:

Intrusion Detection Systems, Support Vector Machine, Random Forest, Dempster-Shafer Theory, Cybersecurity

Abstract

The role of Intrusion Detection System (IDS) in defending the networks against the increasing stages of cyberattacks is critical. However, single machine learning models tend to be ineffective due to data imbalances, variability in attack patterns, and ambiguity in network traffic. To address these issues, this paper introduces a hybrid IDS architecture based on Support Vector Machine (SVM) and Random Forest (RF) classifiers, with evidence fusion using the Dempster-Shafer Theory (DST). The strategy leverages the high-quality boundary detection of SVM and the strength of an ensemble of RF. At the same time, DST offers a principled approach to dealing with uncertainty and integrating conflicting evidence. As a benchmark, the CSE-CIC-IDS2018 dataset, a set of labelled benign and multiple-attack traffic flows, was used. Stratified train-test partitioning with a fixed random seed, feature standardization, and class balancing using the Synthetic Minority Oversampling Technique (SMOTE) were considered data pre-processing steps for RF. An SVM trained and optimized with RAPIDS cuML on GPUs was trained and optimized via a grid search over selected hyperparameters. To unify the strengths of models, we further integrated classifier outputs using Dempster-Shafer Theory (DST), which transforms probabilistic outputs into belief assignments and yields an ultimate decision based on the belief assignment with the highest value. The models exhibit high predictive ability, as demonstrated by the experimental results. The DST-based fusion outperformed the two individual classifiers, achieving 97.84% accuracy, 97.41% precision, 94.96% recall, and 96.17% F1-score. In this paper, we show that combining classifiers using DST results in a substantial, computable gain over single-model methods. It is the novelty of using DST-based IDS fusion as well to enhance robustness and balanced detection. These results confirm the value of DST-based fusion in improving IDS performance. These results confirm that combining SVM and RF with DST yields a more robust, reliable IDS. In addition to improving the capability for precise threat discovery, this approach also has certain implications for uncertainly evolving network circumstances, highlighting its suitability for actual-world cybersecurity applications.

References

H. Asad, S. Adhikari, and I. Gashi, "A perspective–retrospective analysis of diversity in signature-based open-source network intrusion detection systems," Int J Inf Secur, vol. 23, no. 2, pp. 1331–1346, 2024.

J. Azimjonov and T. Kim, "A comprehensive empirical analysis of data sets, regression-based feature selectors, and linear SVM classifiers for intrusion detection systems," IEEE Internet Things J, vol. 11, no. 21, pp. 34676–34693, 2024.

A. Khraisat, I. Gondal, P. Vamplew, and J. Kamruzzaman, "Survey of intrusion detection systems: techniques, datasets and challenges," Cybersecurity, vol. 2, no. 1, pp. 1–22, 2019.

W. Qiu, Y. Ma, X. Chen, H. Yu, and L. Chen, "Hybrid intrusion detection system based on Dempster-Shafer evidence theory," Comput Secur, vol. 117, p. 102709, 2022.

L. Diana, P. Dini, and D. Paolini, "Overview on intrusion detection systems for computers networking security," Computers, vol. 14, no. 3, p. 87, 2025.

A. A. Hagar, D. G. Chaudhary, A. Al-Bakhrani, and B. W. Gawali, "Big data analytic using machine learning algorithms for intrusion detection system: A survey," in International Journal of Mechanical and Production Engineering Research and Development (IJMPERD), 2020, pp. 6063–6084.

N. Mohamed, "Artificial intelligence and machine learning in cybersecurity: a deep dive into state-of-the-art techniques and future paradigms," Knowl Inf Syst, pp. 1–87, 2025.

R. Zuech, T. M. Khoshgoftaar, and R. Wald, "Intrusion detection and big heterogeneous data: a survey," J Big Data, vol. 2, no. 1, p. 3, 2015.

H. Bakır and Ö. Ceviz, "Empirical enhancement of intrusion detection systems: a comprehensive approach with genetic algorithm-based hyperparameter tuning and hybrid feature selection," Arab J Sci Eng, vol. 49, no. 9, pp. 13025–13043, 2024.

A. Ali, S. Naeem, S. Anam, and M. M. Ahmed, "Machine learning for intrusion detection in cyber security: Applications, challenges, and recommendations," UMT Artif. Intell. Rev, vol. 2, no. 2, pp. 41–64, 2022.

H. A. Al Essa and W. S. Bhaya, "Ensemble learning classifiers hybrid feature selection for enhancing performance of intrusion detection system," Bulletin of Electrical Engineering and Informatics, vol. 13, no. 1, pp. 665–676, 2024.

V. Sharma and D. J. Shah, "Ensemble Learning Classifiers and Hybrid Feature Selection for Enhancing Intrusion Detection System Performance," 2025.

C. F. Cheang, Y. Wang, Z. Cai, and G. Xu, "Multi-VMs Intrusion Detection for Cloud Security Using Dempster-shafer Theory.," Computers, Materials & Continua, vol. 57, no. 2, 2018.

M. A. M. Hasan, M. Nasser, B. Pal, and S. Ahmad, "Support vector machine and random forest modeling for intrusion detection system (IDS)," Journal of Intelligent Learning Systems and Applications, vol. 6, no. 01, pp. 45–52, 2014.

E. C. Uwazie, A. A. Obiniyi, M. Olalere, and P. N. Achi, "Comparison of Random Forest, K-Nearest Neighbor, and Support Vector Machine Classifiers for Intrusion Detection System," in 2024 International Conference on Science, Engineering and Business for Driving Sustainable Development Goals (SEB4SDG), IEEE, 2024, pp. 1–6.

A. Halimaa and K. Sundarakantham, "Machine learning based intrusion detection system," in 2019 3rd International conference on trends in electronics and informatics (ICOEI), IEEE, 2019, pp. 916–920.

Y. Zhou, G. Cheng, S. Jiang, and M. Dai, "Building an efficient intrusion detection system based on feature selection and ensemble classifier," Computer networks, vol. 174, p. 107247, 2020.

B. A. Tama, S. Y. Lee, and S. Lee, "A Systematic Mapping Study and Empirical Comparison of Data-Driven Intrusion Detection Techniques in Industrial Control Networks.," Archives of Computational Methods in Engineering, vol. 29, no. 7, 2022.

A. H. Farooqi, S. Akhtar, H. Rahman, T. Sadiq, and W. Abbass, "Enhancing network intrusion detection using an ensemble voting classifier for internet of things," Sensors, vol. 24, no. 1, p. 127, 2023.

Y. Bi, D. Bell, H. Wang, G. Guo, and J. Guan, "Combining multiple classifiers using dempster's rule for text categorization," Applied Artificial Intelligence, vol. 21, no. 3, pp. 211–239, 2007.

A. A. Megantara and T. Ahmad, "A hybrid machine learning method for increasing the performance of network intrusion detection systems," J Big Data, vol. 8, no. 1, p. 142, 2021.

R. Kavya and J. Christopher, "Interpretable systems based on evidential prospect theory for decision-making," Applied Intelligence, vol. 53, no. 2, pp. 1640–1665, 2023.

Ü. Çavuşoğlu, "A new hybrid approach for intrusion detection using machine learning methods," Applied Intelligence, vol. 49, no. 7, pp. 2735–2761, 2019.

R. Zhao, Y. Mu, L. Zou, and X. Wen, "A hybrid intrusion detection system based on feature selection and weighted stacking classifier," IEEE Access, vol. 10, pp. 71414–71426, 2022.

E. C. Uwazie, A. A. Obiniyi, M. Olalere, and P. N. Achi, "Comparison of Random Forest, K-Nearest Neighbor, and Support Vector Machine Classifiers for Intrusion Detection System," in International Conference on Science, Engineering and Business for Driving Sustainable Development Goals, SEB4SDG 2024, Institute of Electrical and Electronics Engineers Inc., 2024. doi: 10.1109/SEB4SDG60871.2024.10629939.

Z. Chen, M. Simsek, B. Kantarci, M. Bagheri, and P. Djukic, "Machine learning-enabled hybrid intrusion detection system with host data transformation and an advanced two-stage classifier," Computer Networks, vol. 250, p. 110576, 2024.

I. Sharafaldin, A. H. Lashkari, and A. A. Ghorbani, "CSE-CIC-IDS2018 Dataset," Canadian Institute for Cybersecurity, University of New Brunswick, 2018.

Y. Tang, D. Wu, and Z. Liu, "A new approach for generation of generalized basic probability assignment in the evidence theory," Pattern Analysis and Applications, vol. 24, no. 3, pp. 1007–1023, 2021.

I. H. Putro and T. Ahmad, "Feature Selection Using Pearson Correlation with Lasso Regression for Intrusion Detection System," in 2024 12th International Symposium on Digital Forensics and Security (ISDFS), IEEE, 2024, pp. 1–6.

M. Conciatori, A. Valletta, and A. Segalini, "Improving the quality evaluation process of machine learning algorithms applied to landslide time series analysis," Comput Geosci, vol. 184, p. 105531, 2024.

H. Kaur and D. K. Sandhu, "Evaluating the Effectiveness of the Proposed System Using F1 Score, Recall, Accuracy, Precision and Loss Metrics Compared to Prior Techniques," Int. J. Commun. Networks Inf. Secur, vol. 15, no. 4, pp. 368–383, 2023.

T. M. Chen and V. Venkataramanan, "Dempster-Shafer theory for intrusion detection in ad hoc networks," Nov. 2005. doi: 10.1109/MIC.2005.123

Enhancing Intrusion Detection Systems by Integrating Support Vector Machine and Random Forest Classifiers Using Dempster-Shafer Theory

Authors

DOI:

Keywords:

Abstract

References

Downloads

Published

How to Cite

Issue

Section

License

Most read articles by the same author(s)

Make a Submission

Information