NORMA eResearch @NCI Library

Improved Machine Learning-Based Intrusion Detection Systems for Secure Network Virtualization

Biju, Albin (2025) Improved Machine Learning-Based Intrusion Detection Systems for Secure Network Virtualization. Masters thesis, Dublin, National College of Ireland.


Abstract

The adoption of network virtualization and cloud computing has introduced new complexities and attack vectors, which demand more intelligent and scalable security solutions. In such environments, traditional Intrusion Detection Systems (IDS) often struggle to provide effective protection. This research addresses this challenge by designing and developing an improved machine learning-based IDS with the security of network virtualization in mind. The project is motivated by the need for an integrated security system that not only attains high detection accuracy but also provides good operational management and scalability in a cloud environment. Following a quantitative experimental approach, the research used the CIC-IDS2017 dataset to train and evaluate a battery of machine learning models, including Random Forest, Multi-Layer Perceptron (MLP), and Long Short-Term Memory (LSTM) networks. After a series of preprocessing, feature engineering, and hyperparameter tuning procedures, the Tuned Random Forest model emerged as the best performer in this study, attaining an accuracy of 98.47% and a weighted F1-score of 0.98. A core contribution of this work is the implementation of an end-to-end real-time IDS that incorporates this highly accurate model and integrates it into an AWS cloud architecture. The system uses AWS Lambda for scalable, serverless inference; Amazon CloudWatch for rich monitoring with custom metrics and automated alarms; and Amazon Security Lake for standardized long-term event logging in the Open Cybersecurity Schema Framework (OCSF) format. Real-time visualization and administrative control of the complete system are provided through a Flask-based web dashboard.
The evaluation establishes the efficacy of the ML model and the successful integration of the cloud components, yielding a scalable, manageable, and highly visible security solution suited to modern virtualized networks.

Item Type: Thesis (Masters)
Supervisors: Heeney, Sean (Email: UNSPECIFIED)
Subjects: T Technology > T Technology (General) > Information Technology > Cloud computing
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology
Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Machine learning
Divisions: School of Computing > Master of Science in Cloud Computing
Depositing User: Ciara O'Brien
Date Deposited: 20 Mar 2026 11:32
Last Modified: 20 Mar 2026 11:32
URI: https://norma.ncirl.ie/id/eprint/9201
