A HYBRID ENSEMBLE LEARNING APPROACH FOR ENTERPRISE NETWORK THREAT CLASSIFICATION

Authors

Keywords:

Intrusion detection systems, Hybrid ensemble learning, DDoS attack classification, Feature selection (information gain), Data balancing

Abstract

The growth in the number of business networks has increased network traffic levels, which in turn increases susceptibility to advanced types of cyber-attacks such as Distributed Denial of Service (DDoS). Current intrusion detection systems have not been able to keep up with emerging attack patterns, creating a need for smarter data-driven models. This study presents a hybrid model design that combines the Support Vector Machine (SVM), Random Forest (RF), and Extreme Gradient Boosting (XGBoost) algorithms. The experiments are carried out on the CICDDoS 2019 dataset, which covers diverse benign traffic and DDoS network attacks. Data processing consisted of normalization, feature ranking by Information Gain values, and application of the Synthetic Minority Over-sampling Technique (SMOTE). Each algorithm was built individually and evaluated using accuracy, precision, recall, F1 score, and AUC-ROC plots. SVM performed best on its own, with almost 99.92 % accuracy and an Area Under the Curve (AUC) of 0.999 percent, outperforming RF and XGBoost. The proposed hybrid ensemble model further improved these measures, reaching 99.96 % accuracy along with better model generalization. The study establishes that a hybrid ensemble of optimized traditional ML models performs efficiently and scales to real-time enterprise network threats.
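The feature-ranking step named in the abstract, as an added example that is not the authors' code: Information Gain is computed per feature against the benign/DDoS label and the top-ranked features are kept. The flow records, feature names and the equal-width binning are assumptions made for illustration; the abstract does not state how features were discretised.

```python
import math
from collections import Counter

# Constructed flow records (NOT CICDDoS2019 rows): pkts/s, mean packet length, dst port, label
FEATURES = ["pkts_per_s", "mean_pkt_len", "dst_port"]
FLOWS = [
    (10, 500, 80, "benign"), (20, 1200, 443, "benign"),
    (15, 60, 80, "benign"), (30, 800, 443, "benign"),
    (9000, 60, 80, "ddos"), (9500, 64, 443, "ddos"),
    (8000, 60, 80, "ddos"), (10000, 1400, 443, "ddos"),
]

def entropy(labels):
    """Shannon entropy H(Y) in bits of a list of class labels."""
    n = len(labels)
    return -sum(c / n * math.log2(c / n) for c in Counter(labels).values())

def bin_index(value, lo, hi, bins):
    """Equal-width bin for a numeric value; a constant feature gets one bin."""
    if hi == lo:
        return 0
    return min(int((value - lo) / (hi - lo) * bins), bins - 1)

def information_gain(values, labels, bins=4):
    """IG(Y; X) = H(Y) - H(Y | X), with X discretised into equal-width bins."""
    lo, hi = min(values), max(values)
    groups = {}
    for v, y in zip(values, labels):
        groups.setdefault(bin_index(v, lo, hi, bins), []).append(y)
    conditional = sum(len(g) / len(labels) * entropy(g) for g in groups.values())
    return entropy(labels) - conditional

def rank_features(rows, names, bins=4):
    """Return (feature, gain) pairs sorted from most to least informative."""
    labels = [r[-1] for r in rows]
    scores = [(n, information_gain([r[i] for r in rows], labels, bins))
              for i, n in enumerate(names)]
    return sorted(scores, key=lambda kv: kv[1], reverse=True)

def select_top_k(rows, names, k, bins=4):
    """Names of the k highest-ranked features, the set handed to the classifiers."""
    return [name for name, _ in rank_features(rows, names, bins)[:k]]

if __name__ == "__main__":
    for name, gain in rank_features(FLOWS, FEATURES):
        print(f"{name:14s} {gain:.3f}")
```

When this ranking feeds a classifier, compute it on the training split only so that test labels do not influence which features are kept.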

Author Biographies

Emmanuel Magai Gambo

Department of Computer Science

Timothy Moses

Department of Computer Science

Muhammad Mukhtar Liman

Department of Computer Science

 

Andrew Ishaku Wreford

Department of Computer Science

Published

19-05-2026

How to Cite

A HYBRID ENSEMBLE LEARNING APPROACH FOR ENTERPRISE NETWORK THREAT CLASSIFICATION. (2026). FULafia Journal of Science and Technology, 10(2), 91-99. https://doi.org/10.62050/fjst2026.v10n2.723
