A Comparative Analysis of Intrusion Detection Techniques: Machine Learning Approach (original) (raw)
Related papers
Intrusion Detection using Machine Learning Techniques: An Experimental Comparison
2021 International Congress of Advanced Technology and Engineering (ICOTEN)
Due to an exponential increase in the number of cyber-attacks, the need for improved Intrusion Detection Systems (IDS) is apparent than ever. In this regard, Machine Learning (ML) techniques are playing a pivotal role in the early classification of the attacks in case of intrusion detection within the system. However, due to the large number of algorithms available, the selection of the right method is a challenging task. To resolve this issue, this paper analyses some of the current state of the art intrusion detection methods and discusses their pros and cons. Further, a review of different ML methods is carried out with four methods showing to be the most suitable one for classifying attacks. Several algorithms are selected and investigated to evaluate the performance of IDS. These IDS classifies binary and multiclass attacks in terms of detecting whether or not the traffic has been considered as benign or an attack. The experimental results demonstrate that binary classification has greater consistency in their accuracy results which ranged from 0.9938 to 0.9977, while multiclass ranges from 0.9294 to 0.9983. However, it has been also observed that multiclass provides the best results with the algorithm k-Nearest neighbor giving an accuracy score of 0.9983 while the binary classification highest score is 0.9977 from Random Forest. The experimental results demonstrate that multiclass classification produces better performance in terms of intrusion detection by specifically differentiating between the attacks and allowing a more targeted response to an attack.
Intrusion Detection System Using machine learning Algorithms
ITM Web of Conferences
The world has experienced a radical change due to the internet. As a matter of fact, it assists people in maintaining their social networks and links them to other members of their social networks when they require assistance. In effect sharing professional and personal data comes with several risks to individuals and organizations. Internet became a crucial element in our daily life, therefore, the security of our DATA could be threatened at any time. For this reason, IDS plays a major role in protecting internet users against any malicious network attacks. (IDS) Intrusion Detection System is a system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered. In this paper, the focus will be on three different classifications; starting by machine learning, algorithms NB, SVM and KNN. These algorithms will be used to define the best accuracy by means of the USNW NB 15 DATASET in the first stage. Based on the result of the first stage, t...
Intrusion Detection System Using Machine Learning Approaches
2018
Network security is becoming an important issue in the field of information security. Hackers and Intruders can make many successful attempts to break down into networks or computer systems, and so overcome the need to create a powerful Intrusion Detection System (IDS) is a primary need. IDS is the art of detecting attacks and any attempt to break down networks, also it‟s an effective tool to prevent unauthorized access to any network by analyzing its traffic. The aim of this research is to build an Intrusion Detection Framework able to classify network activities, „Normal‟ or „Attack‟, using different Machine Learning algorithms, Random Forest (RF), Multi-Layer Perceptron (MLP), and Library for Support Vector Machine (LIBSVM). The proposed model had been tested by using a common dataset called NSL-KDD. This paper investigates two techniques, the first technique is to apply the different Machine Learning algorithms over the NSL-KDD dataset, and the second technique used a Feature Se...
An Improved Method to Detect Intrusion Using Machine Learning Algorithms
Informatics Engineering, an International Journal, 2016
An intrusion detection system detects various malicious behaviors and abnormal activities that might harm security and trust of computer system. IDS operate either on host or network level via utilizing anomaly detection or misuse detection. Main problem is to correctly detect intruder attack against computer network. The key point of successful detection of intrusion is choice of proper features. To resolve the problems of IDS scheme this research work propose "an improved method to detect intrusion using machine learning algorithms". In our paper we use KDDCUP 99 dataset to analyze efficiency of intrusion detection with different machine learning algorithms like Bayes, NaiveBayes, J48, J48Graft and Random forest. To identify network based IDS with KDDCUP 99 dataset, experimental results shows that the three algorithms J48, J48Graft and Random forest gives much better results than other machine learning algorithms. We use WEKA to check the accuracy of classified dataset via our proposed method. We have considered all the parameter for computation of result i.e. precision, recall, F-measure and ROC.
Intrusion Detection using Machine Learning Techniques
2021
An Intrusion is an uncredited access to a computer in your organization or a personal computer. As the world is becoming more internet-oriented and data leaks occur more than ever in our tech-savvy world, we need to know about these attacks so that they can be prevented hence coming into action Intrusion Detection System. IDS are systems that alert about the attack by analyzing the traffic on the network for signs of unauthorized activity. To identify the attack and alert about that possible attack, this system needs to be trained on some previous attacks data, for this study, the improved version of the KDD99 dataset, NSL-KDD dataset have been used for training the Machine Learning Model. In this analysis of Machine Learning algorithms, the algorithms under consideration are Logistic Regression, Support Vector Machine, Decision Tree, Random Forest. For comparison of the performance of the algorithms metrics like Accuracy Score, Confusion Matrix, and Classification Report were consi...
With the growth of internet world has transformed into a global market with all monetary and business exercises being carried online. Being the most imperative resource of the developing scene, it is the vulnerable object and hence needs to be secured from the users with dangerous personality set. Since the Internet does not have focal surveillance component, assailants once in a while, utilizing varied and advancing hacking topologies discover a path to bypass framework " s security and one such collection of assaults is Intrusion. An intrusion is a movement of breaking into the framework by compromising the security arrangements of the framework set up. The technique of looking at the system information for the conceivable intrusions is known intrusion detection. For the last two decades, automatic intrusion detection system has been an important exploration point. Till now researchers have developed Intrusion Detection Systems (IDS) with the capability of detecting attacks in several available environments; latest on the scene are Machine Learning approaches. Machine learning techniques are the set of evolving algorithms that learn with experience, have improved performance in the situations they have already encountered and also enjoy a broad range of applications in speech recognition, pattern detection, outlier analysis etc. There are a number of machine learning techniques developed for different applications and there is no universal technique that can work equally well on all datasets. In this work, we evaluate all the machine learning algorithms provided by Weka against the standard data set for intrusion detection i.e. KddCupp99. Different measurements contemplated are False Positive Rate, precision, ROC, True Positive Rate.
An Investigation on Intrusion Detection System Using Machine Learning
RM, 2018
With prevalent technologies like Internet of Things, Cloud Computing and Social Networking, large amounts of network traffic and data are generated. Hence, there is a need for Intrusion Detection Systems that monitors the network and analyzes the incoming traffic dynamically. In this paper, NSL-KDD is used to evaluate the machine learning algorithms for intrusion detection. However, not all features improve performance in a large datasets. Therefore, reducing and selecting a particular set of features improve the speed and accuracy. So, features are selected using Recursive Feature Elimination (RFE). We have conducted a rigorous experiment on Intrusion Detection System (IDS) that uses machine learning algorithms, namely, Random Forest and Support Vector Machine (SVM). We have demonstrated the comparison between the model's performance before and after feature selection of both Random Forest and SVM. We have also presented the confusion matrices.
Comparative analysis of Machine Learning algorithms for Intrusion Detection
IOP Conference Series: Materials Science and Engineering, 2021
In this modern era, the network related applications, programs and services are growing enormously but the network security issues also grow along with them. Keeping the network secure is a challenging and a crucial task. To maintain the secure network there must be some system which can detect and identify any malicious activity happening in network. This system is called as Intrusion Detection System. There are many traditional network security tools and techniques of preventing intrusion like firewalls, anti-virus, encryption-decryption, access control etc. But all are not effective in protecting network from increasing attacks. The network traffic can be categories into normal and intrusive traffic using Machine Learning (ML) algorithms. Here, the preliminary comparative study regarding which type of machine learning algorithm performs better in identifying the attacks namely Denial of Service, Probe, User to Root and Remote to Local. The NSL-KDD dataset is used to study features and behavior of malicious attacker using machine learning techniques. This study can be taken as reference for mechanical engineers for developing a safe automation in industrial atmosphere and automation in automobile.
A Review of Machine Learning-based Algorithms for Intrusion Detection System
INTERNATIONAL JOURNAL OF ENGINEERING RESEARCH & TECHNOLOGY (IJERT), 2023
Networks play important roles in modern life, and cyber security has become a dynamic research area. An intrusion detection system (IDS) which is an important cyber security method, monitors the state of software and hardware running in the network. Despite decades of development, existing IDSs still face challenges in improving the detection accuracy, reducing the false alarm rate and detecting unknown attacks. To solve the above problems, many researchers have focused on developing IDSs that exploit on machine learning methods. Machine learning methods can automatically discover the essential differences between normal data and abnormal data with high accuracy. In addition, machine learning methods have strong generalizability, so they are also able to detect unknown attacks. In this paper, we conducted a comprehensive review on machine learning techniques used in building IDS.
Application of Machine Learning Approaches in Intrusion Detection System
Journal of Soft Computing and Data Mining, 2021
The rapid development of technology reveals several safety concerns for making life more straightforward. The advance of the Internet over the years has increased the number of attacks on the Internet. The IDS is one supporting layer for data protection. Intrusion Detection Systems (IDS) offer a healthy market climate and prevent misgivings in the network. Recently, IDS has been used to recognize and distinguish safety risks using Machine Learning (ML). This paper proposed a comparative analysis of the different ML algorithms used in IDS and aimed to identify intrusions with SVM, J48, and Naive Bayes. Intrusion is also classified. Work with the KDD-CUP data set, and their performance has been checked with the WEKA software. A comparison of techniques such as J48, SVM, and Naïve Bayes showed that the accuracy of j48 is the higher one which was (99.96%).