Evaluation of Machine Learning Algorithms for Intrusion Detection System

TL;DR

This paper evaluates various machine learning classifiers on the KDD dataset to improve intrusion detection by analyzing false negatives, false positives, and accuracy, highlighting decision tables and random forests.

Contribution

It provides a comparative analysis of multiple classifiers for IDS, emphasizing metrics like false negatives and false positives to enhance detection performance.

Findings

Decision table classifier has the lowest false negatives.

Random forest classifier achieved the highest accuracy.

Evaluation based on KDD dataset performance metrics.

Abstract

Intrusion detection system (IDS) is one of the implemented solutions against harmful attacks. Furthermore, attackers always keep changing their tools and techniques. However, implementing an accepted IDS system is also a challenging task. In this paper, several experiments have been performed and evaluated to assess various machine learning classifiers based on KDD intrusion dataset. It succeeded to compute several performance metrics in order to evaluate the selected classifiers. The focus was on false negative and false positive performance metrics in order to enhance the detection rate of the intrusion detection system. The implemented experiments demonstrated that the decision table classifier achieved the lowest value of false negative while the random forest classifier has achieved the highest average accuracy rate.