A Hybrid Intrusion Detection System Combining PCAMIX, KPCA, and Random Forest for Enhanced Anomaly Detection
H.B Kware *
Department of Statistics, Usmanu Danfodiyo University, Sokoto, Nigeria.
S.U Gulumbe
Department of Statistics, Usmanu Danfodiyo University, Sokoto, Nigeria.
A.B Zoramawa
Department of Statistics, Usmanu Danfodiyo University, Sokoto, Nigeria.
Abdulkarim Bello
Department of Computer Sciences, Usmanu Danfodiyo University, Sokoto, Nigeria.
*Author to whom correspondence should be addressed.
Abstract
This study aims to develop a hybrid intrusion detection system (PKRIDS) that integrates PCAMIX-based Hotelling's T² control charts, Kernel Principal Component Analysis (KPCA), and Random Forest (RF) to improve detection accuracy while reducing false positives in network security. The hybrid approach combines statistical process control, nonlinear dimensionality reduction, and machine learning techniques. The system was evaluated on the benchmark datasets NSL_KDD and TON_IoT using accuracy, precision, recall, F1-score, and ROC-AUC as metrics. PKRIDS employs PCAMIX for mixed-type data processing, KPCA for nonlinear pattern recognition, and RF for robust classification. On NSL_KDD, the model achieved a 99.81% detection rate with 0.18% false positives (ROC-AUC = 0.9975). On TON_IoT, it attained a 99.86% detection rate with 0.13% false positives (ROC-AUC = 0.9975). These results demonstrate PKRIDS's effectiveness in combining statistical and machine learning methods for enhanced intrusion detection. The system shows particular strength in handling both continuous and categorical variables while maintaining low false alarm rates.
Keywords: Intrusion Detection System (IDS), PCAMIX, KPCA, random forest, hybrid model, anomaly detection, network security