The development and implementation of anomaly-based man-in-the- middle intrusion detection system with an improved ensemble modelling scheme in domain name server and edgecomputing

Moila, Ramahlapane Lerato

ULSpace Home
→
Faculty of Science and Agriculture
→
School of Mathematical & Computational Sciences
→
Theses and Dissertations (Computer Science)
→
View Item

The development and implementation of anomaly-based man-in-the- middle intrusion detection system with an improved ensemble modelling scheme in domain name server and edgecomputing

Moila, Ramahlapane Lerato

URI: http://hdl.handle.net/10386/5029

Date: 2025

Abstract:

Technology is evolving at a rapid pace and its role in adding value to businesses around the world has come sharply into focus. Due to this rapid growth of devices, the centralised cloud is now experiencing significant difficulties in protecting large volumes of digital data. It has also become expensive to manage and maintain data accuracy. Mobile Edge Computing has become a promising solution with innovative data management, cost effectiveness, reliability, and uninterrupted connectivity. While the technology has transformed how data is handled and processed, it remains susceptible to security attacks such as Man-in-the-Middle (MitM) attacks. These attacks can cause severe consequences, as the attacker can intercept communications between any two parties without their knowledge, compromising and disrupting sensitive data, card credentials, and passwords. This study aims to develop an anomaly-based intrusion detection scheme using ensemble modelling to combat MitM attacks. The scheme is designed to address false positives and improve accuracy. The proposed Ensemble Cuckoo was trained on Kaggle platform using Python as a programming language. We used the Cuckoo Search Algorithm to optimise the ensemble model (random forest). The scheme was compared to the Support Vector Machine (SVM) and the Local Outlier Factor (LOF) algorithms. To evaluate the effectiveness of the proposed Ensemble Cuckoo, this study utilised the F1-score, Precision, Recall and Accuracy metrics. The simulation results indicate that the proposed Ensemble Cuckoo outperformed the algorithms it was compared against, achieving detection accuracy of 99.9%, showing a good improvement in terms of minimising false positives. The results were validated using Bayesian Dynamic Stackelberg Game Theory, which simulates the interactions between the defender and the attacker. Despite its effectiveness, the study acknowledges certain limitations, including the need for refinement in real-time processing and challenges related to scaling in large, and distributed networks. Future research could focus on extending the application of the proposed Ensemble Cuckoo, paving the way for broader adoption and deployment in real-world scenarios.