Abstract
With the rapid development of the internet, intrusion detection has become one of the major research problems in computer security. Many Intrusion Detection Systems (IDS) use data mining algorithms to classify network traffic data and detect different security violations. In this paper, we present some of the datasets and methods employed, with a focus on network anomaly detection. We compare different machine learning techniques used in the latest research carried out for developing network intrusion detection systems. We also present an overview of some deep learning methodologies and their application for IDS purposes. The primary objective of this survey is to provide researchers with the state of the art of the work already performed in this field of research.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Karbal, B., Romadi, R. (2020). A Comparison of Different Machine Learning Algorithms for Intrusion Detection. In: Belkasmi, M., Ben-Othman, J., Li, C., Essaaidi, M. (eds) Advanced Communication Systems and Information Security. ACOSIS 2019. Communications in Computer and Information Science, vol 1264. Springer, Cham. https://doi.org/10.1007/978-3-030-61143-9_13
DOI: https://doi.org/10.1007/978-3-030-61143-9_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-61142-2
Online ISBN: 978-3-030-61143-9
eBook Packages: Computer Science, Computer Science (R0)