Machine Learning Methods for Network Intrusion Detection
Authors: Mouhammad Alkasassbeh, Mohammad Almseidin
Abstract:
Network security engineers work to keep services available all the time by handling intruder attacks. An Intrusion Detection System (IDS) is one of the available mechanisms used to sense and classify any abnormal actions. Therefore, the IDS must always be up to date with the latest intruder attack signatures to preserve the confidentiality, integrity, and availability of the services. The speed of the IDS is a very important issue, as is learning the new attacks. This research work illustrates how the Knowledge Discovery and Data Mining (or Knowledge Discovery in Databases) KDD dataset is very handy for testing and evaluating different machine learning techniques. It mainly focuses on the KDD preprocessing part in order to prepare a decent and fair experimental data set. The J48, MLP, and Bayes Network classifiers have been chosen for this study. It has been proven that the J48 classifier has achieved the highest accuracy rate for detecting and classifying all KDD dataset attacks, which are of type DOS, R2L, U2R, and PROBE.
Keywords: IDS, DDoS, MLP, KDD.
Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1474271