Abstract
The continuous growth of computer networks and the internet has brought attention to the increasing potential damage caused by attacks. Intrusion Detection Systems (IDSs) have emerged as crucial defense tools against the rising frequency and sophistication of network attacks. However, effectively detecting new attacks using machine-learning approaches in intrusion detection systems presents challenges.
This study focuses on the CICIDS2017 dataset, which is one of the most recent and updated IDS datasets publicly available. The CICIDS2017 dataset contains both benign network flows and flows from seven common attacks, meeting real-world criteria and providing true network traffic data. Furthermore, the CICIDS2017 dataset presents challenges when it comes to measuring the performance of a comprehensive set of machine learning algorithms in order to identify the optimal pattern set for detecting specific attack categories.
This paper contributes to the field of intrusion detection systems by benchmarking the decision tree family. In our study, XGBoost achieves the highest accuracy of 99%, followed by Random Forest with 98%, Gradient Boosting Trees with 88%, and Decision Tree with 89%.
Overall, this research provides valuable insights into the performance of the decision tree family and feature selection methods, paving the way for the advancement of more reliable and efficient intrusion detection systems.
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Azalmad, M., El Ayachi, R., Biniz, M. (2023). Unveiling the Performance Insights: Benchmarking Anomaly-Based Intrusion Detection Systems Using Decision Tree Family Algorithms on the CICIDS2017 Dataset. In: El Ayachi, R., Fakir, M., Baslam, M. (eds) Business Intelligence. CBI 2023. Lecture Notes in Business Information Processing, vol 484. Springer, Cham. https://doi.org/10.1007/978-3-031-37872-0_15
DOI: https://doi.org/10.1007/978-3-031-37872-0_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-37871-3
Online ISBN: 978-3-031-37872-0
eBook Packages: Computer Science (R0)