A stacked ensemble approach to detect cyber attacks based on feature selection techniques

The exponential growth of data and increased reliance on interconnected systems have heightened the need for robust network security. Cyber-Attack Detection Systems (CADS) are essential for identifying and mitigating threats through network traffic analysis. However, the effectiveness of CADS is highly dependent on selecting pertinent features. This research evaluates the impact of three feature selection techniques—Recursive Feature Elimination (RFE), Mutual Information (MI), and Lasso Feature Selection (LFS)—on CADS performance. We propose a novel stacked ensemble classification approach, combining Random Forest, XGBoost, and Extra-Trees classifiers with a Logistic Regression meta-model. Performance is assessed using CICIDS2017 and NSL-KDD datasets. Results show that RFE achieves 100% accuracy for Brute Force attacks, 99.99% for Infiltration and Web Attacks on CICIDS2017, and 99.95% accuracy for all attacks on NSL-KDD, marking a significant improvement over traditional methods. This study demonstrates that optimizing feature selection and leveraging diverse classifiers can substantially enhance the accuracy of CADS, providing stronger protection against evolving cyber threats.