Anomaly intrusion detection using machine learning- IG-R based on NSL-KDD dataset

Ashraf H. Aljammal, Ibrahim Al-Oqily, Mamoon Obiedat, Ahmad Qawasmeh, Salah Taamneh, Fadi I. Wedyan

Abstract


Cybersecurity is challenging for security guards because of the rising quantity, variety, and frequency of attacks and malicious activities in cyberspace. Intrusion attacks are among the most common types of cyberspace attacks. Therefore, an intrusion detection system (IDS) is in high demand to accurately detect and mitigate their impact. In this paper, an anomaly IDS using machine learning and information gain-rank (IG-R) is proposed to improve the detection accuracy of intrusions. The network security lab-knowledge discovery dataset (NSL-KDD) is used to train and test the proposed IDS. Initially, the information gain (IG) algorithm and Ranker are used to evaluate, rank and reduce the number of selected instances from 41 instances to only 6 instances. Furthermore, many classifiers have been tested and evaluated; such as adaptive boosting (AdaBoostM1), random forest, J48, and naïve Bayes to choose the best performance classifier to be used in the detection process. After applying the IG-R and testing the suggested classifiers, the results showed that the random forest classifier has the best performance over the tested classifiers with TPR, FPR, and accuracy of 99.7%, 0.3%, and 99.7%, respectively, and is recommended to be used in the detection process.

Keywords


Anomaly detection; Cyber security; Intrusion detection; Machine learning; Network security; Network security lab-knowledge discovery dataset

Full Text:

PDF


DOI: https://doi.org/10.11591/eei.v13i6.7308

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Bulletin of EEI Stats

Bulletin of Electrical Engineering and Informatics (BEEI)
ISSN: 2089-3191, e-ISSN: 2302-9285
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).