The rapid growth of network infrastructure has led to an increase in sophisticated cyber-attacks, necessitating robust intrusion detection systems (IDS) for network security. This project focuses on developing an adaptive IDS driven by machine learning to enhance detection accuracy and response to evolving threats. Using the NSL-KDD dataset, which contains both normal and malicious network traffic, the system employs Principal Component Analysis (PCA) for dimensionality reduction, enabling efficient feature extraction. The core of the model integrates Q-Learning for adaptive intrusion detection, allowing the system to learn and respond dynamically to new attack patterns. For classification, Random Forest algorithms are used, with Decision Trees serving as an alternative. Performance evaluation metrics include detection accuracy, false positive rate, and response time, providing insights into the effectiveness of the proposed system compared to traditional IDS solutions. A key innovation is the system's feedback-driven learning capability, which enhances real-time adaptability to novel threats. The research aims to address challenges such as feature selection, classifier optimization, and evolving attack vectors, laying the foundation for scalable, machine learning-based security frameworks. This proof-of-concept demonstrates the potential for deploying adaptive IDS to secure modern network environments against an array of cyber threats.
Sathya et al. (Sun,) studied this question.