Implementation of Six Single Classifiers and Feature Selection for Performance Enhancement in Anomaly-Based Intrusion Detection

Abdisalam A. Mohamed*, Ibraheem Shayea, Fadi Al-Turjman

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

Attacks against information systems have been sharply increasing recently. Cyberattacks are becoming less detectable by the normal antiviruses and firewalls. Various security systems have been deployed to protect information systems; Network Intrusion Detection Systems (NIDS) are among the most widely used security systems in the networking industry. IDS can be an anomaly-based or signature-based system. Signature-based NIDSs are effective against known attacks but futile against zero-day attacks. To detect novel attack techniques, anomaly-based IDS has proven to be more useful than signature-based IDS. This study used six Machine Learning algorithms to detect network intrusion incidents. The CSE-CIC-IDS2018 dataset is employed to train and test the algorithms. The dataset is cleared of defects, and important features are selected using the Random Forest Regressor algorithm. A sample of the dataset with selected key features is applied to six machine learning algorithms (Gradient Boosting, AdaBoost, ID3, KNN, MLP, and Random Forest). Within a short period of time, the algorithms achieved the following F1-Scores: Gradient Boosting (0.95), AdaBoost (0.94), K-Nearest Neighbors (0.93), ID3 (0.93), Random Forest (0.93), and MLP (0.78).

Original languageEnglish
Pages (from-to)195-208
Number of pages14
JournalSSRG International Journal of Electronics and Communication Engineering
Volume11
Issue number3
DOIs
Publication statusPublished - Mar 2024

Bibliographical note

Publisher Copyright:
© 2024 Seventh Sense Research Group®.

Keywords

  • AdaBoost
  • CSE-CIC-IDS2018
  • Machine Learning
  • MLP Network Intrusion Detection
  • Random Forest

Fingerprint

Dive into the research topics of 'Implementation of Six Single Classifiers and Feature Selection for Performance Enhancement in Anomaly-Based Intrusion Detection'. Together they form a unique fingerprint.

Cite this