Application of Machine Learning and Deep Learning in Intrusion Detection Systems (IDS)

Noorul Sama Sahel

Co-Presenters: Individual Presentation

College: The Dorothy and George Hennings College of Science, Mathematics and Technology

Major: Computer Science

Faculty Research Mentor: Jing-Chiou Liou

Abstract:

With the increasing sophistication of cyber threats, traditional Intrusion Detection Systems (IDS) like Snort, which rely on signature-based detection, struggle to identify novel and evolving attacks. This research explores the integration of Artificial Intelligence (AI), particularly Machine Learning (ML) and Deep Learning (DL), into IDS to enhance threat detection. By leveraging ML models such as Decision Trees and Support Vector Machines (SVM), and a hybrid Convolutional Neural Network-Long Short-Term Memory (CNN-LSTM) model, we analyze their effectiveness in detecting both known and unknown cyber threats.

Using publicly available datasets such as NSL-KDD and CICIDS2017, this study evaluates the performance of traditional ML models versus deep learning approaches. Our results demonstrate that CNN-LSTM outperforms conventional methods by accurately identifying complex attack patterns, reducing false positives, and adapting to real-time network conditions. Furthermore, integrating AI-driven IDS with rule-based systems like Snort enhances detection capabilities, allowing for a more robust defense against zero-day attacks.

The findings highlight the potential of hybrid AI-IDS models in modern cybersecurity frameworks. Future work will optimize CNN-LSTM for larger datasets, refine adversarial defenses, and implement real-time deployment in enterprise environments. This research underscores the importance of AI-driven solutions in addressing the evolving landscape of cybersecurity threats.
