TITLE:
Comparing the Area of Data Mining Algorithms in Network Intrusion Detection
AUTHORS:
Yasamin Alagrash, Azhar Drebee, Nedda Zirjawi
KEYWORDS:
Feature Reduction, Singular Value Decomposition, Intrusion Detection, Correlation Analysis, Association Impact Scale, Intrusion Detection System, KDD Cup 1999, Random Forest
JOURNAL NAME:
Journal of Information Security,
Vol.11 No.1,
December
10,
2019
ABSTRACT: The network-based intrusion detection has become common to evaluate machine learning algorithms. Although the KDD Cup’99 Dataset has class imbalance over different intrusion classes, still it plays a significant role to evaluate machine learning algorithms. In this work, we utilize the singular valued decomposition technique for feature dimension reduction. We further reconstruct the features form reduced features and the selected eigenvectors. The reconstruction loss is used to decide the intrusion class for a given network feature. The intrusion class having the smallest reconstruction loss is accepted as the intrusion class in the network for that sample. The proposed system yield 97.90% accuracy on KDD Cup’99 dataset for the stated task. We have also analyzed the system with individual intrusion categories separately. This analysis suggests having a system with the ensemble of multiple classifiers; therefore we also created a random forest classifier. The random forest classifier performs significantly better than the SVD based system. The random forest classifier achieves 99.99% accuracy for intrusion detection on the same training and testing data set.