Litcius/Paper detail

Intrusion Detection System using Feature Selection With Clustering and Classification Machine Learning Algorithms on the UNSW-NB15 dataset

Mohamed Hammad, Wael Elmedany, Yasser Ismail

202045 citationsDOI

Abstract

The identification of malicious network traffic through intrusion detection systems (IDS) becomes very challenging. This malicious network appears as a network protocols or normal access. In this paper, for the classification of cyberattacks, four different algorithms are used on UNSW-NB15 dataset, these methods are naive bays (NB), Random Forest (RF), J48, and ZeroR. Also, K-MEANS and Expectation Maximization (EM) clustering algorithms are used to cluster the UNSW-NB15 dataset into two clusters depending on the target attribute attack, or normal network traffic. To develop an optimal subset of features, Correlation-based Feature Selection (CFS) is used, then the mentioned classification and clustering techniques are used. The used methods gives an efficient tool for studying and analyzing intrusion detection in large networks. The result show that RF and J48 algorithms performed best results with 97.59%, and 93.78%, respectively.

Topics & Concepts

C4.5 algorithmComputer scienceCluster analysisIntrusion detection systemFeature selectionRandom forestData miningStatistical classificationIdentification (biology)Artificial intelligenceFeature (linguistics)Machine learningAlgorithmSupport vector machineNaive Bayes classifierBiologyPhilosophyLinguisticsBotanyNetwork Security and Intrusion DetectionAdvanced Malware Detection TechniquesInternet Traffic Analysis and Secure E-voting