A Machine Learning and Blockchain-Based Framework for Enhanced Intrusion Detection Systems Using the CSE-CIC-IDS2018 Dataset
Abstract
Intrusion Detection Systems (IDS) are critical in shielding digital infrastructures from cyber threats. This paper discusses a hybrid method to enhance the detection and trustworthiness of a Host-based IDS (HIDS) by combining Machine Learning (ML) with Blockchain. We used the CSE-CIC-IDS2018 dataset to benchmark various ML classifiers, including Decision Tree, Random Forest, Support Vector Machine, and XGBoost, all according to the standard metrics of accuracy, precision, recall, and F1 score, even with potential class imbalance in the dataset. Among the classifiers examined, XGBoost performed best; prior to feature selection, the F1 score averaged 0.98 for binary classification and 0.80 for multiclass classification. Following the application of the SelectKBest method, performance dropped to 0.73 (binary) and 0.55 (multiclass), indicating that model accuracy is sensitive to feature-reducing selection methods. We proposed a blockchain-enabled log management and integrity monitoring system for an HIDS, which used a private Proof of Authority (PoA) Blockchain and smart contracts for evidence collection. The proposed system is intended to allow tamper-resistant logs, as well as automated event alerts if the logs have been tampered with. We conducted preliminary and simulated tests and showed that the system detected a lack of integrity and evidence with low resource overhead. This study contributes to the design of resilient, intelligent IDS architectures and outlines future directions for integrating adaptive detection with secure, decentralized log management.
DOI: https://doi.org/10.31449/inf.v49i18.9421
License
Authors retain copyright in their work. By submitting to and publishing with Informatica, authors grant the publisher (Slovene Society Informatika) the non-exclusive right to publish, reproduce, and distribute the article and to identify itself as the original publisher.
All articles are published under the Creative Commons Attribution license CC BY 3.0. Under this license, others may share and adapt the work for any purpose, provided appropriate credit is given and changes (if any) are indicated.
Authors may deposit and share the submitted version, accepted manuscript, and published version, provided the original publication in Informatica is properly cited.







