Cyber threats in today's software-defined network infrastructures are growing at an exponential rate, thus sophisticated, adaptive security measures are required.  In order to enhance detection accuracy and computational efficiency, this study introduces a Network Intrusion Detection and Prevention System (NIDPS) that is ensemble-based and designed for Software-Defined Networking (SDN). The NIDPS makes use of a hybrid feature selection technique.  As part of its soft-voting ensemble architecture, the system incorporates XGBoost, Decision Tree, and Support Vector Machine, three machine learning classifiers.  To tackle the difficulties of dealing with high-dimensional network traffic data, feature selection is optimised using Correlation-Based methods and Recursive Feature Elimination (RFE).  Datasets obtained from simulated Denial-of-Service (DoS) attacks were used to evaluate the model, which was constructed and tested in a virtualised, emulated SDN environment using the SEED Internet Emulator.  All of the model variations demonstrated near-perfect detection ability (up to 100% accuracy) in the experiments, with the fastest predictions coming from RFE-enhanced models.  The system is well-suited for implementation in actual programmable network settings due to its real-time alerting and preventive features.  The results of this study show that an effective and scalable method for intrusion detection in SDNs may be achieved by combining ensemble learning with intelligent feature selection.

Received: 29 November 2025

Accepted: 23 January 2026

Published: 22 April 2026

H. LI, Q. LI, Z. XU, and X. YE, “Digital Technologies,” Journal of Digital Economy, vol. 3, pp. 240–248, Mar. 2025, doi: https://doi.org/10.1016/j.jdec.2025.02.001.

O. B. Adoghe, B. A. Ikharo, H. E. Amhenrior, J. Abiodun, and E. B. Chukwu, “Data Collection Module for a Centralized Electronic Health Records System,” Journal of Engineering Research Innovation and Scientific Development (JERISD), vol. 2, no. 1, pp. 11–19, Mar. 2024, doi: https://doi.org/10.61448/jerisd21242.

R. Kaur, D. Gabrijelčič, and T. Klobučar, “Artificial intelligence for cybersecurity: Literature review and future research directions,” Information Fusion, vol. 97, no. 101804, pp. 1–29, 2023, doi: https://doi.org/10.1016/j.inffus.2023.101804.

R. Muggah and M. Margolis, “Why we need global rules to crack down on cybercrime,” World Economic Forum, Jan. 02, 2023. https://www.weforum.org/stories/2023/01/global-rules-crack-down-cybercrime/ (accessed Apr. 22, 2025).

S. Morgan, “Cybercrime to cost the world $10.5 trillion annually by 2025,” Cybercrime Magazine, Nov. 13, 2020. https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/ (accessed Apr. 22, 2025).

L. Diana, P. Dini, and D. Paolini, “Overview on Intrusion Detection Systems for Computers Networking Security,” Computers, vol. 14, no. 3, p. 87, Mar. 2025, doi: https://doi.org/10.3390/computers14030087.

M. Rahman, S. A. Shakil, and M. R. Mustakim, “A Survey on Intrusion Detection System in IoT Networks,” Cyber Security and Applications, p. 100082, Dec. 2024, doi: https://doi.org/10.1016/j.csa.2024.100082.

O. Joseph and R. Ajax, “Comparison of Traditional vs. AI-Based Intrusion Detection and Prevention Systems: Efficiency and Accuracy,” ResearchGate, Mar. 10, 2025. https://www.researchgate.net/publication/389717300_Comparison_of_Traditional_vs_AI-Based_Intrusion_Detection_and_Prevention_Systems_Efficiency_and_Accuracy (accessed Apr. 22, 2025).

H. Dhrir, M. Charfeddine, N. Tarhouni, and H. M. Kammoun, “Machine learning- and deep learning-based anomaly detection in firewalls: a survey,” The Journal of Supercomputing, vol. 81, no. 6, Apr. 2025, doi: https://doi.org/10.1007/s11227-025-07212-y.

S. Muneer, U. Farooq, A. Athar, M. A. Raza, T. M. Ghazal, and S. Sakib, “A Critical Review of Artificial Intelligence Based Approaches in Intrusion Detection: A Comprehensive Analysis,” Journal of engineering, vol. 2024, pp. 1–16, Apr. 2024, doi: https://doi.org/10.1155/2024/3909173.

T. Tong and Z. Li, “Predicting learning achievement using ensemble learning with result explanation,” PLoS ONE, vol. 20, no. 1, pp. e0312124–e0312124, Jan. 2025, doi: https://doi.org/10.1371/journal.pone.0312124.

Kristel, A.-F. Rutkowski, and C. Saunders, “The whole of cyber defense: Syncing practice and theory,” The Journal of Strategic Information Systems, vol. 33, no. 4, pp. 101861–101861, Sep. 2024, doi: https://doi.org/10.1016/j.jsis.2024.101861.

N. James, “How Many Cyber Attacks Per Day: The Latest Stats and Impacts in 2023 - Astra Security Blog,” ASTRA, Apr. 18, 2023. https://www.getastra.com/blog/security-audit/how-many-cyber-attacks-per-day/ (accessed Apr. 22, 2025).

C. Rajathi and P. Rukmani, “Hybrid Learning Model for intrusion detection system: A combination of parametric and non-parametric classifiers,” Alexandria Engineering Journal, vol. 112, pp. 384–396, Nov. 2024, doi: https://doi.org/10.1016/j.aej.2024.10.101.

K. Noor, Agbotiname Lucky Imoize, C.-T. Li, and C.-Y. Weng, “A Review of Machine Learning and Transfer Learning Strategies for Intrusion Detection Systems in 5G and Beyond,” Mathematics, vol. 13, no. 7, pp. 1088–1088, Mar. 2025, doi: https://doi.org/10.3390/math13071088.

T. Sowmya and E.A. Mary Anita, “A comprehensive review of AI based intrusion detection system,” ScienceDirect, vol. 28, pp. 100827–100827, Jun. 2023, doi: https://doi.org/10.1016/j.measen.2023.100827.

P. A. doost, S. S. Moghadam, E. Khezri, A. Basem, and M. Trik, “A new intrusion detection method using ensemble classification and feature selection,” Scientific Reports, vol. 15, no. 1, Apr. 2025, doi: https://doi.org/10.1038/s41598-025-98604-w.

U. Ahmed et al., “Signature-based intrusion detection using machine learning and deep learning approaches empowered with fuzzy clustering,” Scientific Reports, vol. 15, no. 1, Jan. 2025, doi: https://doi.org/10.1038/s41598-025-85866-7.

S. L. Pawar and M. S. Karyakarte, “A Hybrid CNN and Attentive Hierarchical BiLSTM Model with SMO for Intrusion Detection in IIoT,” Apr. 2025, doi: https://doi.org/10.21203/rs.3.rs-6158243/v1.

J. Xie, “Application Study on the Reinforcement Learning Strategies in the Network Awareness Risk Perception and Prevention,” The International journal of computational intelligence systems/International journal of computational intelligence systems, vol. 17, no. 1, May 2024, doi: https://doi.org/10.1007/s44196-024-00492-x.

B. Susilo, A. Muis, and R. F. Sari, “Intelligent Intrusion Detection System Against Various Attacks Based on a Hybrid Deep Learning Algorithm,” Sensors, vol. 25, no. 2, pp. 580–580, Jan. 2025, doi: https://doi.org/10.3390/s25020580.

S. Walling and S. Lodh, “Enhancing IoT intrusion detection through machine learning with AN-SFS: a novel approach to high performing adaptive feature selection,” Discover Internet of Things, vol. 4, no. 1, Oct. 2024, doi: https://doi.org/10.1007/s43926-024-00074-5.

N. Pudjihartono, T. Fadason, A. W. Kempa-Liehr, and J. M. O’Sullivan, “A Review of Feature Selection Methods for Machine Learning-Based Disease Risk Prediction,” Frontiers in Bioinformatics, vol. 2, Jun. 2022, doi: https://doi.org/10.3389/fbinf.2022.927312.

N. Anand, R. Sehgal, S. Anand, and A. Kaushik, “Feature selection on educational data using Boruta algorithm,” International Journal of Computational Intelligence Studies, vol. 10, no. 1, p. 27, 2021, doi: https://doi.org/10.1504/ijcistudies.2021.113826.

A. A. Khan, O. Chaudhari, and R. Chandra, “A Review of Ensemble Learning and Data Augmentation Models for Class Imbalanced problems: Combination, Implementation and Evaluation,” Expert Systems with Applications, vol. 244, no. 122778, p. 122778, Dec. 2023, doi: https://doi.org/10.1016/j.eswa.2023.122778.

A. M. Alsaffar, M. Nouri-Baygi, and H. M. Zolbanin, “Shielding networks: enhancing intrusion detection with hybrid feature selection and stack ensemble learning,” Journal of Big Data, vol. 11, no. 1, Sep. 2024, doi: https://doi.org/10.1186/s40537-024-00994-7.

H. Duy, “Recursive Feature Elimination Algorithm for Intrusion Detection Systems,” 2022 7th International Conference on Business and Industrial Research (ICBIR), May 2022, doi: https://doi.org/10.1109/icbir54589.2022.9786411.

A. Fausto, G. Gaggero, F. Patrone, and M. Marchese, “Reduction of the Delays Within an Intrusion Detection System (IDS) Based on Software Defined Networking (SDN),” IEEE Access, vol. 10, pp. 109850–109862, 2022, doi: https://doi.org/10.1109/access.2022.3214974.