Applying Machine Learning to Anomaly-Based Intrusion Detection Systems

Authors

Fekadu Yihunie, Sacred Heart University
Eman Abdelfattah, Ramapo College of New Jersey
Amish Regmi, Ramapo College of New Jersey

Document Type

Conference Proceeding

Publication Date

5-2019

Abstract

The enormous growth of Internet-based traffic exposes corporate networks with a wide variety of vulnerabilities. Intrusive traffics are affecting the normal functionality of network's operation by consuming corporate resources and time. Efficient ways of identifying, protecting, and mitigating from intrusive incidents enhance productivity. As Intrusion Detection System (IDS) is hosted in the network and at the user machine level to oversee the malicious traffic in the network and at the individual computer, it is one of the critical components of a network and host security. Unsupervised anomaly traffic detection techniques are improving over time. This research aims to find an efficient classifier that detects anomaly traffic from NSL-KDD dataset with high accuracy level and minimal error rate by experimenting with five machine learning techniques. Five binary classifiers: Stochastic Gradient Decent, Random Forests, Logistic Regression, Support Vector Machine, and Sequential Model are tested and validated to produce the result. The outcome demonstrates that Random Forest Classifier outperforms the other four classifiers with and without applying the normalization process to the dataset.

Comments

At the time of the conference, Fekadu Yihunie was a student in the Master of Science in Cybersecurity program at Sacred Heart University. Eman Abdelfattah was a professor in the program.

DOI

10.1109/LISAT.2019.8817340

Recommended Citation

Yihunie, F., Abdelfattah, E., & Regmi, A. (2019, May). Applying machine learning to anomaly-based intrusion detection systems. IEEE Long Island Systems, Applications and Technology Conference (LISAT), Farmingdale, New York. Doi: 10.1109/LISAT.2019.8817340