A Machine Learning and Blockchain-Based Framework for Enhanced Intrusion Detection Systems Using the CSE-CIC-IDS2018 Dataset
Abstract
Intrusion Detection Systems (IDS) are critical in shielding digital infrastructures from cyber threats. This paper discusses a hybrid method to enhance the detection and trustworthiness of a Host-based IDS (HIDS) by combining Machine Learning (ML) with Blockchain. We used the CSE-CIC-IDS2018 dataset to benchmark various ML classifiers, including Decision Tree, Random Forest, Support Vector Machine, and XGBoost, against the standard metrics of accuracy, precision, recall, and F1 score, even with potential class imbalance in the dataset. Among the classifiers examined, XGBoost performed best; prior to feature selection, the F1 score averaged 0.98 for binary classification and 0.80 for multiclass classification. Following the application of the SelectKBest method, performance dropped to 0.73 (binary) and 0.55 (multiclass), indicating that model accuracy is sensitive to feature-reducing selection methods. We proposed a blockchain-enabled log management and integrity monitoring system for an HIDS, which uses a private Proof of Authority (PoA) blockchain and smart contracts for evidence collection. The proposed system is intended to provide tamper-resistant logs, as well as automated event alerts if the logs have been tampered with. We conducted preliminary and simulated tests and showed that the system detected a lack of integrity and evidence with low resource overhead. This study contributes to the design of resilient, intelligent IDS architectures and outlines future directions for integrating adaptive detection with secure, decentralized log management.
DOI: https://doi.org/10.31449/inf.v49i18.9421
License
I assign to Informatica, An International Journal of Computing and Informatics ("Journal") the copyright in the manuscript identified above and any additional material (figures, tables, illustrations, software or other information intended for publication) submitted as part of or as a supplement to the manuscript ("Paper") in all forms and media throughout the world, in all languages, for the full term of copyright, effective when and if the article is accepted for publication. This transfer includes the right to reproduce and/or to distribute the Paper to other journals or digital libraries in electronic and online forms and systems.
I understand that I retain the rights to use the pre-prints, off-prints, accepted manuscript and published journal Paper for personal use, scholarly purposes and internal institutional use.
In certain cases, I can ask for retaining the publishing rights of the Paper. The Journal can permit or deny the request for publishing rights, to which I fully agree.
I declare that the submitted Paper is original, has been written by the stated authors and has not been published elsewhere nor is currently being considered for publication by any other journal and will not be submitted for such review while under review by this Journal. The Paper contains no material that violates proprietary rights of any other person or entity. I have obtained written permission from copyright owners for any excerpts from copyrighted works that are included and have credited the sources in my article. I have informed the co-author(s) of the terms of this publishing agreement.
Copyright © Slovenian Society Informatika







