Intrusion Detection System using Clustering, Deep Learning and Feature Reduction Technique

Abstract

TThis research proposes an intrusion detection system (IDS) leveraging a hybrid machine learning and deep learning approach to enhance multiclass classification accuracy. The study uses the KDD99 dataset, comprising 494,020 instances with 42 features, which undergoes preprocessing steps including label encoding, memory optimization (reducing the data size by 49.99%), and feature scaling using a Standard Scaler. A hybrid feature selection technique combining Select Best and Recursive Feature Elimination (RFE) reduces the feature set from 42 to 15, improving computational efficiency. For clustering, K-means (with optimal *k* determined via the elbow method) and DBSCAN (with epsilon tuning using the knee method) are employed. Performance is evaluated using the Silhouette Score, where K-means achieves the highest score (0.885) with 11 clusters. The clustered data is then classified using an LSTM model, achieving 99.92% accuracy for 5 clusters, 99.86% for 11 clusters, and 99.53% for 22 clusters. The model demonstrates high precision, recall, and F1-scores across all clusters, even for minority attack classes. Comparative analysis with existing methods highlights the superiority of the proposed hybrid feature selection and LSTM-based classification approach. Future work may explore alternative clustering techniques and real-time deployment for enhanced intrusion detection performance