Analyzing the Performance of Machine Learning Algorithms in Anomaly Network Intrusion Detection Systems

Abstract

With the deployment of numerous networked devices over the internet, the protection of organizational and personal computer networks has become vital owing to new malicious attacks which are rapidly increasing. Network intrusion detection systems (NIDS) are among the most known and reputed network security tools. Maintaining security, data confidentiality, and data integrity are the primary goals of the NIDS. In this way, this paper investigates the application and performance of machine learning algorithms in NIDS. Four algorithms namely, Random Forest, Decision Stump, Naive Bayes, Stochastic Gradient Descent (SGD) combined with different feature selection techniques (Correlation Ranking Filter and Gain Ratio Feature Evaluator) are applied to implement the NIDS models using the NSL-KDD dataset which is the new version of KDD-Cup99. The comparative analysis conducted based on the performance of these algorithms reveals that the Random Forest performs better than the other algorithms regarding the predicted accuracy and detection error.