An Investigation into the Effectiveness of Machine Learning Techniques for Intrusion Detection

• Published in: Arid Zone Journal of Engineering Technology and Environment Vol. 13; no. 6; pp. 764 - 778
• Main Authors: Dada, E G, Bassi, J S, Adekunle, O O
• Format: Journal Article
• Language: English
• Published: Borno State University of Maiduguri 01.12.2017
• Subjects: Algorithms; Artificial intelligence; Computer networks; Cybersecurity; Intrusion detection systems; Investigations; Learning algorithms; Machine learning; Neural networks; Subgroups; System effectiveness; Training
• ISSN: 1596-2644; 2545-5818; 2545-5818

Attacks on computer systems are becoming progressively frequent. Many machine learning techniques have been developed in the bid to increase the effectiveness of intrusion detection systems (IDS). However, the sophistication of intrusion attacks on computer networks and the large size of dataset pose a serious challenge as they drastically reduce the effectiveness of the IDS. We do not propose any new algorithm in this paper. However, experiments were conducted to investigate the performance of six (6) machine learning techniques found in literature and how they can effectively detect intrusion activities on a network. This work examines how effective each algorithm under investigation handles intrusion events. In our experiment, the NSL-KDDTrain+ dataset was partitioned into training subgroups subject to the type of network protocol. Subsequent to this, extraneous and unneeded attributes are removed from each training subgroup. The effectiveness of the algorithms was evaluated. The experimental results show that the Logistic Model Tree Induction method is more effective in terms of (classification accuracy: 99.40%, F-measure: 0.991, false positive rate: 0.32%, precision: 98.90% and Receiver Operating Characteristics: 98.6%) compared to the other five machine learning techniques we investigated.