A Critical Analysis and Performance Benchmarking of Intrusion Detection Using the OD-IDS2022 Dataset and Machine Learning Techniques ND

Abstract

Over the past decade, numerous Intrusion Detection Systems (IDS) have been developed to address the growing complexity of cybersecurity threats. To support evaluation of such systems, the Center for Excellence in Cyber Security (CoECS) at IDRBT released the OD-IDS2022 dataset [4], which integrates contemporary attack vectors and updated feature sets. While the dataset has gained attention for its relevance, our analysis highlights critical shortcomings, including severe class imbalance, redundancy in records, and inconsistencies across feature distributions, which collectively bias IDS performance evaluation. To systematically investigate these issues, we conducted a comprehensive statistical and empiricalstudy, employing dimensionality reduction techniques (PCA, t-SNE) and multiple supervised classifiers (Random Forest, SVM, XGBoost). Experimental results reveal that classification accuracy is overstated by up to 12% due to imbalance, while precision and recall for minority attack classes drop below 65%, yielding an overall F1-score of 0.91 and an AUC of 0.95. After applying balanced sampling strategies and refined preprocessing, we observed consistent performance improvements, with average precision increasing by 9%, recall by 11%, and F1-score reaching 0.92, alongside an AUC of 0.96. The ROC curve behavior was also analyzed to assess discrimination capability across different classes. These findings emphasizethat the dataset’s inherent limitations significantly affect IDS benchmarking, and we provide concrete recommendations for curating a more balanced and representative version of OD-IDS2022 to strengthen the robustness and generalizability of IDS evaluation frameworks.

Authors

  • ND Patel
  • Ajeet Singh School of Computing Science and Engineering (SCSE), VIT Bhopal University, Kothrikalan, Sehore Madhya Pradesh - 466 114
  • BM Mehtre
  • Rajeev Wankar

DOI:

https://doi.org/10.31449/inf.v49i4.5651

Downloads

Published

2025-12-16

Issue

Vol. 49 No. 4 (2025)

Section

Regular papers

License

I assign to Informatica, An International Journal of Computing and Informatics ("Journal") the copyright in the manuscript identified above and any additional material (figures, tables, illustrations, software or other information intended for publication) submitted as part of or as a supplement to the manuscript ("Paper") in all forms and media throughout the world, in all languages, for the full term of copyright, effective when and if the article is accepted for publication. This transfer includes the right to reproduce and/or to distribute the Paper to other journals or digital libraries in electronic and online forms and systems.

I understand that I retain the rights to use the pre-prints, off-prints, accepted manuscript and published journal Paper for personal use, scholarly purposes and internal institutional use.

In certain cases, I can ask for retaining the publishing rights of the Paper. The Journal can permit or deny the request for publishing rights, to which I fully agree.

I declare that the submitted Paper is original, has been written by the stated authors and has not been published elsewhere nor is currently being considered for publication by any other journal and will not be submitted for such review while under review by this Journal.  The Paper contains no material that violates proprietary rights of any other person or entity. I have obtained written permission from copyright owners for any excerpts from copyrighted works that are included and have credited the sources in my article. I have informed the co-author(s) of the terms of this publishing agreement.


Copyright ©  Slovenian Society Informatika