The Intrusion Detection System (IDS) is an effective tool utilized in cybersecurity systems to detect and identify intrusion attacks. With the increasing volume of data generation, the possibility of various forms of intrusion attacks also increases. Feature selection is crucial and often necessary to enhance performance. The structure of the dataset can impact the efficiency of the machine learning model. Furthermore, data imbalance can pose a problem, but sampling approaches can help mitigate it. This research aims to explore machine learning (ML) approaches for IDS, specifically focusing on datasets, machine algorithms, and metrics. Three datasets were utilized in this study: KDD 99, UNSW-NB15, and CSE-CIC-IDS 2018. Various machine learning algorithms were chosen and examined to assess IDS performance. The primary objective was to provide a taxonomy for interconnected intrusion detection systems and supervised machine learning algorithms. The selection of datasets is crucial to ensure the suitability of the model construction for IDS usage. The evaluation was conducted for both binary and multi-class classification to ensure the consistency of the selected ML algorithms for the given dataset. The experimental results demonstrated accuracy rates of 100% for binary classification and 99.4. In conclusion, it can be stated that supervised machine learning algorithms exhibit high and promising classification performance based on the study of three popular datasets.
This work exploits the concept of a one-class classifier applied to the problem of anomaly detection in communication networks. The article presents the design of an innovative anomaly detection algorithm based on a polynomial interpolation technique and statistical analysis. The innovative method is applied to datasets widely used in the scientific community for benchmarking, such as KDD99, UNSW-NB15 and CSE-CIC-IDS-2018, and further evaluated with application to a novel available dataset, EDGE-IIOTSET 2022. The paper also reports experimental results showing that the proposed methodology outperforms classic one-class classifiers, such as Extreme Learning Machine and Support Vector Machine models, and rule-based intrusion detection systems like SNORT. With respect to binary classifiers, this work has the advantage of not requiring any a priori knowledge about attacks and is based on the collection of only normal data traffic.