A Novel Lightweight NIDS Framework for Detecting Anomalous Data Traffic in Contemporary Networks
Journal of Circuits, Systems and Computers (IF 1.5), Pub Date: 2024-03-11, DOI: 10.1142/s0218126624502281
Yogendra Kumar, Vijay Kumar, Basant Subba

Network Intrusion Detection Systems (NIDSs) have been proposed in the literature as security tools for detecting anomalous and intrusive network data traffic. However, the existing NIDS frameworks are computation-intensive, making them unsuitable for deployment in resource-constrained networks with limited computational capabilities. This paper aims to address this issue by proposing a computationally efficient NIDS framework for detecting anomalous data traffic in resource-constrained networks. The proposed NIDS framework uses an ensemble-based classifier model comprising multiple classifiers, which enables it to achieve high accuracy and detection rate across a wide range of low-footprint and stealth network attacks. The proposed framework also uses feature scaling and dimensionality reduction techniques to minimize the overall computational overhead. The proposed framework consists of two stages. In the first stage, four distinct base-level classifiers are utilized. The classification probabilities of the first stage are used in the modified meta-level classifier. The modified meta-level classifier is trained on the class probabilities of the base-level classifiers, combined using a novel proposed probability function. The performance of the proposed NIDS framework is evaluated on a proprietary testbed dataset and two benchmark datasets, namely CICIDS-2017 and UNSW-NB15. The results reveal that the proposed NIDS framework provides better performance than the existing NIDS frameworks in terms of false positive rate, despite using a significantly lower number of input features for its analysis.




Updated: 2024-03-15