TY - JOUR
T1 - Detecting intrusions in computer network traffic with machine learning approaches
AU - Maniriho, Pascal
AU - Mahoro, Leki Jovial
AU - Niyigaba, Ephrem
AU - Bizimana, Zephanie
AU - Ahmad, Tohari
N1 - Publisher Copyright:
© 2020, Intelligent Network and Systems Society.
PY - 2020
Y1 - 2020
AB - Security has been a crucial factor in this modern digital period due to the rapid development of information technology, which is followed by serious computer crimes that, in turn, led to the emergence of Intrusion Detection Systems (IDSs). Various approaches such as single machine learning classifiers and Ensemble Classifiers coupled with feature selection methods have been proposed to improve the performance of IDS. In this regard, in the previous work, we have used the NSL-KDD IDS dataset, Gain Ratio Feature Evaluator (GRFE), and Correlation Ranking Filter (CRF) feature selection methods coupled with various machine-learning techniques to detect intrusions in computer network traffic. While the experiment has demonstrated that GRFE selects the most relevant feature subsets over CRF, which results in different performance, the previous work can be extended as follows. First, the most relevant feature subset generated by GRFE in the previous work is employed to assess and compare the performance of a single machine learning technique (Lazy IBK, aka K-Nearest Neighbor) over an ensemble technique (Random Committee) while detecting intrusions in a computer network. Second, two distinct datasets (NSL-KDD and UNSW-NB15) are employed for better performance analysis. Third, limitations encountered in the domain of network intrusion detection are also discussed. The results reveal that the ensemble technique performs well over a single machine learning technique with a misclassification gap of 0.969% and 1.19% (obtained using NSL-KDD dataset) and 1.62% and 1.576% (obtained using UNSW-NB15 dataset).
KW - Computer network traffic
KW - Feature selection
KW - Intrusion detection
KW - Machine learning
KW - Network security
UR - http://www.scopus.com/inward/record.url?scp=85087058081&partnerID=8YFLogxK
U2 - 10.22266/IJIES2020.0630.39
DO - 10.22266/IJIES2020.0630.39
M3 - Article
AN - SCOPUS:85087058081
SN - 2185-310X
VL - 13
SP - 433
EP - 445
JO - International Journal of Intelligent Engineering and Systems
JF - International Journal of Intelligent Engineering and Systems
IS - 3
ER -