Detecting intrusions in computer network traffic with machine learning approaches

Pascal Maniriho, Leki Jovial Mahoro, Ephrem Niyigaba, Zephanie Bizimana, Tohari Ahmad*

*Corresponding author for this work

Research output: Contribution to journal | Article | peer-review

30 Citations (Scopus)

Abstract

Security has been a crucial factor in this modern digital period due to the rapid development of information technology, which is followed by serious computer crimes that, in turn, led to the emergence of Intrusion Detection Systems (IDSs). Various approaches such as single machine learning classifiers and ensemble classifiers coupled with feature selection methods have been proposed to improve the performance of IDS. In this regard, in the previous work, we have used the NSL-KDD IDS dataset, Gain Ratio Feature Evaluator (GRFE), and Correlation Ranking Filter (CRF) feature selection methods coupled with various machine-learning techniques to detect intrusions in computer network traffic. While the experiment has demonstrated that GRFE selects the most relevant feature subsets over CRF, which results in different performance, the previous work can be extended as follows. First, the most relevant feature subset generated by GRFE in the previous work is employed to assess and compare the performance of a single machine learning technique (Lazy IBK, aka K-Nearest Neighbor) over an ensemble technique (Random Committee) while detecting intrusions in a computer network. Second, two distinct datasets (NSL-KDD and UNSW-NB15) are employed for better performance analysis. Third, limitations encountered in the domain of network intrusion detection are also discussed. The results reveal that the ensemble technique performs well over a single machine learning technique with a misclassification gap of 0.969% and 1.19% (obtained using NSL-KDD dataset) and 1.62% and 1.576% (obtained using UNSW-NB15 dataset).

Original language: English
Pages (from-to): 433-445
Number of pages: 13
Journal: International Journal of Intelligent Engineering and Systems
Volume: 13
Issue number: 3
Publication status: Published - 2020

Keywords

  • Computer network traffic
  • Feature selection
  • Intrusion detection
  • Machine learning
  • Network security
