Ensemble Approach For Intrusion Detection: Combining Random Forest And Bi-Lstm Models
DOI:
https://doi.org/10.64252/m8ynz263Keywords:
Ensemble Learning, Intrusion Detection System (IDS), Bi-LSTM, Random Forest, Network Traffic, CSECIC-IDS2018, Cybersecurity, Weighted Voting, Stacking.Abstract
With cyberattacks growing more complex and harder to predict, defending digital networks requires innovative approaches that combine multiple detection strategies. This study presents a novel ensemble approach for Intrusion Detection Systems (IDS) that synergistically combines Random Forest (RF) and Bidirectional Long Short-Term Memory (Bi-LSTM) models to achieve superior performance over individual models. We evaluate three distinct ensemble strategies: weighted voting, stacking with meta-learner, and hybrid prediction fusion using the CSE-CIC-IDS2018 dataset. Our comprehensive evaluation demonstrates that the ensemble approach achieves 98.7% accuracy, significantly outperforming individual RF (96.8%) and Bi-LSTM (98.02%) models. The weighted voting ensemble shows the most balanced performance with 98.7% accuracy, 98.1% precision, 98.5% recall, and 98.3% F1-score, while maintaining computational efficiency. The stacking ensemble achieves the highest accuracy at 98.9% but requires additional computational overhead. The hybrid fusion approach provides robust performance with enhanced interpretability. Results indicate that ensemble methods effectively combine RF's computational efficiency and interpretability with Bi-LSTM's ability to capture complex sequential patterns, resulting in more reliable and comprehensive intrusion detection. Statistical significance testing confirms that all performance improvements are statistically significant (p < 0.01). This work demonstrates that strategic ensemble combinations can address the evolving landscape of cybersecurity threats while maintaining practical deployment feasibility.