Intrusion Detection System Using Machine Learning Models

Abstract

The anomaly Intrusion Detection is one of the major research issues now a days. The advancement in networks has indeed increased the need of designing and executing a more reliable and more accurate network security systems. For this purpose, intrusion detection systems (IDS) are used to monitor the threats encountered on the network, by detecting any change in the normal profile. The idea here is, to use classification algorithms for analyzing KDD’99 datasets, with 41 Attributes (features). Based on these 41 attributes, the KDD’99 Datasets has been classified into five different types of attacks, i.e. normal, Probe, U2R, R2L and DOS. The algorithms used in this paper are support vector machine (SVM) and Random Forest (RF). Apart from using Random Forest for classification, it is also used in feature extraction. These algorithms are used to classify the data among various classes. The simulation results demonstrated that the support vector machine out performs as compared with Random Forest as an anomaly intrusion detection system with high accuracy. The validation of snort rule’s dataset, generated by the given attacks, has been performed using support vector machine. The experimentation results have higher accuracy, for the validation of the KDD’99 data set used in the training.