Analysis of qualification techniques for intrusion detection

Date
2019
Publisher
UMT.Lahore
Abstract
The last decade was the development era of network-based internet applications, and network attacks on these systems are now common. The Intrusion Detection System (IDS) is the core defense line of a network; however, the IDS task is challenging. In the field of machine learning, researchers have developed many supervised and unsupervised methods that try to detect anomalies effectively. Earlier forms of IDS were able to accumulate large portions of evidence only when signatures of such intrusions were already available. Nevertheless, classifying large chunks of data was a cumbersome process, which compelled analysts to develop other kinds of techniques. For this research, a standard and publicly available dataset (NSL-KDD) is used for experiments with the Python-based Scikit-learn library. The dataset was divided into train and test portions, and well-known evaluation metrics were used to evaluate the trained models. Normal and anomalous records are identified using classification techniques such as Decision Tree, Naïve Bayes, AdaBoost, MLP, Random Forest and Linear SVM. Models are evaluated using the accuracy, precision, recall and F1 score performance measures. The accuracy of the MLP model is 99% and that of the Decision Tree model is 98%. Drawing on recent literature, a comparative analysis on two standard and publicly available datasets (ISCX-IDS 2012 and UNSW-NB15) is also presented in this work.

Keywords: Network Security, Intrusion Detection, Machine Learning, Classification, Anomaly