The rapid expansion of interconnected enterprise networks has intensified cybersecurity threats, while traditional signature-based intrusion detection systems remain ineffective against evolving and imbalanced attack patterns, particularly zero-day and low-frequency attacks. This study aims to develop an optimized and practically deployable intrusion detection framework by leveraging a Random Forest classifier on the CIC-IDS2017 benchmark dataset, with emphasis on robust minority attack detection, computational efficiency, and interpretability for real-world security operations. The proposed method integrates comprehensive data preprocessing, Synthetic Minority Over-sampling Technique (SMOTE) for class imbalance mitigation, feature importance–driven dimensionality reduction, and exhaustive grid search–based hyperparameter optimization within a unified machine learning pipeline. Experiments conducted on 2.52 million network flow records demonstrate that the optimized model achieves 98.14% accuracy, 96.25% weighted F1-score, and 0.993 ROC-AUC, while maintaining stable performance across all attack categories, including minority classes such as Infiltration and Botnet with F1-scores exceeding 93%. Feature selection reduced dimensionality by 58.3% and training time by 63.2% without degrading performance, enhancing deployment feasibility in enterprise intrusion detection environments. Comparative analysis confirms that the proposed approach outperforms baseline Random Forest models, traditional machine learning methods, and recent deep learning approaches while requiring significantly lower computational resources. These findings indicate that a holistically optimized Random Forest framework offers a reliable, interpretable, and operationally efficient solution for real-world network security monitoring and cyber defense systems.
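The SMOTE step named in the abstract, shown as an added example (not the study's code): synthetic minority flows are interpolated between a minority sample and one of its nearest minority neighbours, and only the training split is oversampled. The two feature names, the flow values and the helper names `smote` and `balance_training_set` are constructed assumptions.

```python
import math
import random

def smote(minority, n_synthetic, k=3, seed=0):
    """Interpolate n_synthetic points between minority samples and their
    k nearest minority-class neighbours (the core SMOTE step)."""
    if len(minority) < 2:
        raise ValueError("SMOTE needs at least two minority samples")
    rng = random.Random(seed)
    k = min(k, len(minority) - 1)
    synthetic = []
    for _ in range(n_synthetic):
        i = rng.randrange(len(minority))
        base = minority[i]
        # Neighbours are searched inside the minority class only.
        others = [p for j, p in enumerate(minority) if j != i]
        neighbours = sorted(others, key=lambda p: math.dist(base, p))[:k]
        nb = rng.choice(neighbours)
        gap = rng.random()  # position on the segment base -> nb
        synthetic.append(tuple(b + gap * (n - b) for b, n in zip(base, nb)))
    return synthetic

def balance_training_set(X, y, minority_label, k=3, seed=0):
    """Oversample minority_label up to the size of the largest class."""
    counts = {}
    for label in y:
        counts[label] = counts.get(label, 0) + 1
    need = max(counts.values()) - counts.get(minority_label, 0)
    minority = [x for x, label in zip(X, y) if label == minority_label]
    new = smote(minority, need, k, seed)
    return X + new, y + [minority_label] * len(new)

# Constructed flows (duration_s, packets_per_s); not CIC-IDS2017 records.
# Real features should be scaled first so one column does not dominate distance.
X_train = [(0.10, 900.0), (0.20, 850.0), (0.15, 880.0), (0.12, 910.0),
           (0.18, 870.0), (0.11, 905.0), (30.0, 2.0), (28.0, 2.5), (33.0, 1.8)]
y_train = ["BENIGN"] * 6 + ["Botnet"] * 3
# The held-out split is never oversampled, so evaluation sees only real flows.
X_test, y_test = [(0.13, 890.0), (31.0, 2.1)], ["BENIGN", "Botnet"]

X_bal, y_bal = balance_training_set(X_train, y_train, "Botnet", k=2)
```

Oversampling before the train/test split would place interpolated copies of test-set neighbours in the training data and inflate minority-class scores.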
Copyrights © 2026