Comparative Analysis of Various Machine Learning Techniques Applied Towards Intrusion Detection in Computer Networks

Balogun, Ghaniyyat Bolanle; Babade, Olugunna Samuel; Awotunde, Joseph Bamidele Awotunde; Abdulraheem, Muhideen; Oladipo, Idowu Dauda

doi:10.21608/jocc.2024.380148

Comparative Analysis of Various Machine Learning Techniques Applied Towards Intrusion Detection in Computer Networks

Document Type : Original Article

Authors

¹ University of Ilorin, Nigeria

² University of Ilorin Nigeria

10.21608/jocc.2024.380148

Abstract

The paper discusses the development of intrusion detection systems (IDS) and their limitations in accurately detecting minority attack classes in computer networks. Despite advancements in IDS technologies, attackers can still breach networks. The aim of the work is to compare various machine learning models to find the best performing one for intrusion detection. The methodology involves using the Boruta algorithm for feature selection, under sampling to address class imbalance, and PyCaret for model comparison, training, and testing. The experimental results reveal that the Gradient Boosting classifier achieved the highest accuracy at 99.70%, while Naïve Bayes had the lowest accuracy at 84.77%. These findings underscore the importance of selecting robust machine learning approaches to enhance network security against evolving cyber threats. A stacking classifier was also created and outperformed other algorithms with 99.69% accuracy but slightly below the Gradient Boosting Classifier, which had 99.72% accuracy. The recommended model of choice for network intrusion detection is the Gradient Boosting classifier.

Keywords

References

[1]. Anderson, J.P. (1980). Computer Security threat monitoring and surveillance Report, James P. Anderson Company. Washington: James P. Anderson Co.

[2]. West, M. (2014). Network and System Security (2nd ed.). Boston: Syngress.

[3]. Verma, A., & Ranga, V. (2018). Statistical analysis of CIDDS-001 dataset for network intrusion detection systems using distance-based machine learning. Procedia Computer Science, 125, 709-716.

[4]. Solane, D., & Omar, D. N. (2015). Using Data Mining Algorithms for Developing a Model for Intrusion Detection System (IDS). ELSEVIER.

[5]. Gharib, A., Sharafaldin, I., Lashkari, A. H., & Ghorbani, A. A. (2016, December). An evaluation framework for intrusion detection dataset. In 2016 International Conference on Information Science and Security (ICISS) (pp. 1-6). IEEE.

[6]. Kursa, M. B., & Rudnicki, W. R. (2010). Feature Selection with the Boruta Package. Journal of Statistical Software, 36(11), 1–13. https://doi.org/10.18637/jss.v036.i11

[7]. Chellam, A., Ramanathan, L., & Ramani, S. (2018). Intrusion detection in computer networks using lazy learning algorithm. Procedia computer science, 132, 928-936.

[8]. Sarker, I. H. (2021). Ai-driven cybersecurity: an overview, security intelligence modeling and research directions. SN Computer Science.

[9]. Budler, B., & Ajoodha, R. (2021). Comparative Analysis of Deep Learning Models for Network Intrusion Detection Systems, pp. 1-4.

[10]. Cannady, J., & Harrell, J. (1996). A comparative analysis of current intrusion detection technologies. In Proceedings of the Fourth Technology for Information Security Conference (Vol. 96).

[11]. Ahmad, I., Abdullah, A. B., & Alghamdi, A. S. (2010). Applying neural network to U2R attacks. 2010 IEEE Symposium on Industrial Electronics and Applications (ISIEA). https://doi.org/10.1109/ISIEA.2010.5679451

[12]. Man, J., & Sun, G. (2021). A Residual Learning-Based Network Intrusion Detection System. Security and Communication Networks, 2021.

[13]. Richa, P., & Adesh, N. D. (2021). Comparative analysis of Machine Learning algorithms for Intrusion Detection. In IOP Conference Series: Materials Science and Engineering (Vol. 1013, No. 1, p. 012038). IOP Publishing.

[14]. Chakraverty, P. M. (2015). Computer Networking Technologies and Application to IT Enabled Services.

[15]. Osisanwo, F. Y., Akinsola, J. E. T., Awodele, O., Hinmikaiye, J. O., Olakanmi, O., & Akinjobi, J. (2017). Supervised Machine Learning Algorithms: Classification and Comparison. International Journal of Computer Trends and Technology (IJCTT), 48(3), 128-138. doi: 10.14445/22312803/IJCTT-V48P126

[16]. Gaigole, M. S., & Kalyankar, M. A. (2015). The Study of Network Security with Its Penetrating Attacks and Possible Security Mechanisms. International Journal of Computer Science and Mobile Computing, 4(5).

[17]. Delamore, B., & Ko, R. K. L. (2015). Security as a service (SecaaS)—An overview. The Cloud Security Ecosystem, 187–203. doi:10.1016/b978-0-12-801595-7.00009-4

[18]. Lin, S.-W., Ying, K.-C., Lee, C.-Y., & Lee, Z.-J. (2012). An intelligent algorithm with feature selection and decision rules applied to anomaly intrusion detection. Applied Soft Computing, 12(10), 3285–3290. doi:10.1016/j.asoc.2012.05.004

[19]. McHugh, J., (2001). Intrusion and Intrusion Detection. IJIS, 2001(1). pp. 14–35. doi:10.1007/s102070100001. Pittsburgh: Springer-Verlag.

[20]. Ko, R., & Choo, R. (2015). The cloud security ecosystem: technical, legal, business and management issues. Syngress.

[21]. Mighan, S. N., & Kahani, M. (2021). A novel scalable intrusion detection system based on deep learning. International Journal of Information Security, 20(3), 387-403. doi:10.1007/s10207-020-00508-5

[22]. Sheikh, T., Syed, R., Rayan, A., & Saleh, A. (2019). An adaptive intrusion detection and prevention system for Internet of Things. International Journal of Distributed Sensor Networks, 15(11).

[23]. Kumar, D. B., & Deepa, B. (2015). Computer Networking: A Survey. International Journal of Trend in Research and Development, 2(5).

[24]. Gaylord, I. (2021). Network Intrusion: How to Detect and Prevent It. Retrieved from United States Cybersecurity Magazine: https://www.uscybersecurity.net/network-intrusion/

[25]. Tsai, C. F., Hsu, Y. F., Lin, C. Y., & Lin, W. Y. (2009). Intrusion detection by machine learning: A review. Expert systems with applications, 36(10), 11994-12000.

[26]. Gaylord, I. (2021). Network Intrusion: How to Detect and Prevent It. Retrieved from United States Cybersecurity Magazine: https://www.uscybersecurity.net/network-intrusion/

[27]. West, M. (2014). Preventing system intrusions. In Network and System Security (pp. 29-56). Syngress.

[28]. Kursa, M. B., & Rudnicki, W. R. (2010). Feature Selection with the Boruta Package. Journal of Statistical Software, 36(11), 1–13. https://doi.org/10.18637/jss.v036.i11