Comparing the Area of Data Mining Algorithms in Network Intrusion Detection
Open Access
- 1 January 2020
- journal article
- research article
- Published by Scientific Research Publishing, Inc. in Journal of Information Security
- Vol. 11 (01), 1-18
- https://doi.org/10.4236/jis.2020.111001
Abstract
The network-based intrusion detection has become common to evaluate machine learning algorithms. Although the KDD Cup’99 Dataset has class imbalance over different intrusion classes, still it plays a significant role to evaluate machine learning algorithms. In this work, we utilize the singular valued decomposition technique for feature dimension reduction. We further reconstruct the features form reduced features and the selected eigenvectors. The reconstruction loss is used to decide the intrusion class for a given network feature. The intrusion class having the smallest reconstruction loss is accepted as the intrusion class in the network for that sample. The proposed system yield 97.90% accuracy on KDD Cup’99 dataset for the stated task. We have also analyzed the system with individual intrusion categories separately. This analysis suggests having a system with the ensemble of multiple classifiers; therefore we also created a random forest classifier. The random forest classifier performs significantly better than the SVD based system. The random forest classifier achieves 99.99% accuracy for intrusion detection on the same training and testing data set.Keywords
This publication has 23 references indexed in Scilit:
- Mining network data for intrusion detection through combining SVMs with ant colony networksFuture Generation Computer Systems, 2014
- An autonomous labeling approach to support vector machines algorithms for network traffic anomaly detectionExpert Systems with Applications, 2012
- A K-Means and Naive Bayes Learning Approach for Better Intrusion DetectionInformation Technology Journal, 2011
- The use of computational intelligence in intrusion detection systems: A reviewApplied Soft Computing, 2010
- Efficient decision tree for protocol analysis in intrusion detectionInternational Journal of Security and Networks, 2010
- RT-UNNID: A practical solution to real-time network-based intrusion detection using unsupervised neural networksComputers & Security, 2006
- ADAMACM SIGMOD Record, 2001
- Estimating the Support of a High-Dimensional DistributionNeural Computation, 2001
- Induction of decision treesMachine Learning, 1986
- Document clustering: An evaluation of some experiments with the cranfield 1400 collectionInformation Processing & Management, 1975