A Comparison of Different Machine Learning Algorithms for Intrusion Detection

  • Conference paper
Advanced Communication Systems and Information Security (ACOSIS 2019)

Abstract

With the rapid development of the internet, intrusion detection has become one of the major research problems in computer security. Many Intrusion Detection Systems (IDS) use data mining algorithms to classify network traffic data and detect different security violations. In this paper, we present some of the datasets and methods employed, with a focus on network anomaly detection. We compare different machine learning techniques used in the latest research on developing network intrusion detection systems. We also present an overview of some deep learning methodologies and their application for IDS purposes. The primary objective of this survey is to provide researchers with the state of the art of the work already performed in this field of research.

Author information

Corresponding author

Correspondence to Basma Karbal.

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Cite this paper

Karbal, B., Romadi, R. (2020). A Comparison of Different Machine Learning Algorithms for Intrusion Detection. In: Belkasmi, M., Ben-Othman, J., Li, C., Essaaidi, M. (eds) Advanced Communication Systems and Information Security. ACOSIS 2019. Communications in Computer and Information Science, vol 1264. Springer, Cham. https://doi.org/10.1007/978-3-030-61143-9_13

  • DOI: https://doi.org/10.1007/978-3-030-61143-9_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-61142-2

  • Online ISBN: 978-3-030-61143-9

  • eBook Packages: Computer Science, Computer Science (R0)
