A Comparative Analysis of Intrusion Detection Systems: Leveraging Classification Algorithms and Feature Selection Techniques

Abstract

With the increasing use of the Internet and its coverage of all areas of life and the increasing amount of sensitive and confidential information on the Internet, the number of malicious attacks on that information has increased with the aim of destroying, changing, or misusing it. Consequently, the need to discover and prevent these kinds of attacks has increased in order to maintain privacy, reliability, and even availability. For this purpose, intelligent systems have been developed to detect these attacks, which are called Intrusion Detection System (IDS). These systems were tested and applied to special benchmark datasets that contain a large number of features and a massive number of observations. However, not all the features are important, and some are not relevant. Therefore, applying feature selection techniques becomes crucial, which select the features with the most importance and relevance in order to enhance the performance of the classification model. The aim of this review paper is to conduct a comparative analysis of various state-of-the-art IDS that use algorithm classifications to detect network attacks with the cooperation of feature selection techniques that have been applied to various well-known IDS datasets, such as KDD cup99, NSL-KDD, etc. This comparison is based on several factors, including the utilized classification technique, feature selection used, employed evaluation metrics, datasets used, and finally the highest accuracy rate obtained by each study.