Sistemasi: Jurnal Sistem Informasi (Jul 2025)
A Comparative Study of Machine Learning Algorithms for Intrusion Detection Systems using the NSL-KDD Dataset
Abstract
In today’s digital era, cyberattacks are becoming increasingly complex, rendering traditional rule-based Intrusion Detection Systems (IDS) often ineffective in recognizing new attack patterns. The primary objective of this study is to design and implement a machine learning model for detecting network intrusions efficiently while minimizing latency, through a comparative analysis of several algorithms: Decision Tree, Random Forest, Support Vector Machine (SVM), and Boosting. The research methodology includes the collection of the NSL-KDD dataset, followed by data transformation, cleaning, normalization, and partitioning into training and testing sets. Each algorithm was trained using tuned parameters, and performance was evaluated using metrics such as accuracy, precision, recall, F1-score, and an analysis of training and prediction time. The results indicate that the Boosting algorithm stands out, achieving an accuracy rate of 99.36%. Boosting also demonstrated greater reliability in detecting minority classes, despite requiring longer training times. The application of machine learning methods—particularly Boosting—proves to be an effective approach to enhancing intrusion detection and can serve as a foundation for developing more adaptive and reliable cybersecurity systems.
Keywords
