Rule-based Intrusion Detection System using Logical Analysis of Data

Abstract

Any organisation’s network infrastructure is insecure as different cyber-attacks have constantly mounted and destabilised these systems. There is a rapid upsurge in the usage of the internet in the modern era. This extensive use of the internet has given a chance to attackers to do malicious activities on the network field. To combat these attacks, we need an Intrusion Detection System (IDS). IDS is a robust technological system that protects the system by detecting any intrusions in it. In this study, different machine learning algorithms, which include Support Vector Machine (SVM), Naive Bayes, Random Forest (RF), and Decision Tree (DT), are compared with the method of Logical Analysis of Data (LAD) on NSL-KDD dataset. NSL-KDD is the benchmark dataset used in the network field. The results have been compared on the basis of accuracy, recall, F1-score, G-mean, detection time and ROC-AUC curve. Based on the result obtained, it is evident that the LAD method has outperformed in comparison with other ML-based methods and also detects intrusions in real time.