Abstract

The paper proposes an approach to identifying anomalies in network traffic using machine learning classifiers. The solution determines the resulting state class by averaging the votes of individual classifiers. The approach was evaluated on the public NSL-KDD dataset. The performance of the individual classifiers and of their averaged evaluation was compared using the Weka tool. The NSL-KDD set was optimized with an emphasis on "rootkit" attacks, one of the most difficult types of attack to detect. Using the bagging-based approach implemented in the Weka application, an accuracy of 99.94% was obtained. The experiment revealed a tendency for the accuracy of bagging on open data to increase as the volume of training data increases. The proposed approach can be applied in the design of systems for detecting attacks and other abnormal states of information systems. The accuracy of the averaged assessment requires further research in order to improve the indicators. The vote-averaging approach can be modernized by excluding or adding classifiers, by qualitative selection of attributes and their features, and by increasing the number of training samples for classification.
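The vote-averaging idea in the abstract, as an added Python example that is not the paper's code or its Weka configuration: several weak classifiers are trained on bootstrap resamples (bagging) and their votes are averaged into one score per record. The decision-stump base learner, the per-class resampling, the 0.5 decision threshold and all record values are assumptions of this sketch; the records are constructed and not taken from NSL-KDD.

```python
import random

# Constructed records: (feature_a, feature_b) -> label, 1 = attack, 0 = normal.
# Values are invented for illustration and are not taken from NSL-KDD.
NORMAL = [((v, n % 3), 0) for n, v in enumerate([0, 1, 1, 2, 2, 2, 3, 3, 3, 4, 4, 5])]
ATTACK = [((v, n % 3), 1) for n, v in enumerate([7, 8, 9])]

def train_stump(rows):
    """Return the one-feature threshold rule with the fewest training errors."""
    best = None
    for f in range(len(rows[0][0])):
        for x, _ in rows:
            for above in (0, 1):  # class predicted when the feature exceeds x[f]
                err = sum((above if xi[f] > x[f] else 1 - above) != y
                          for xi, y in rows)
                if best is None or err < best[0]:
                    best = (err, f, x[f], above)
    _, f, t, above = best
    return lambda rec: above if rec[f] > t else 1 - above

def bagging(normal, attack, n_models, rng):
    """Train n_models stumps, each on its own bootstrap resample.

    Resampling is done per class (an assumption of this sketch) so that the
    rare attack class is never missing from a bag.
    """
    models = []
    for _ in range(n_models):
        bag = ([rng.choice(normal) for _ in normal] +
               [rng.choice(attack) for _ in attack])
        models.append(train_stump(bag))
    return models

def averaged_vote(models, rec):
    """Fraction of models voting 'attack' for this record."""
    return sum(m(rec) for m in models) / len(models)

def classify(models, rec, threshold=0.5):
    return 1 if averaged_vote(models, rec) >= threshold else 0

MODELS = bagging(NORMAL, ATTACK, n_models=25, rng=random.Random(7))

if __name__ == "__main__":
    for rec in [(0, 1), (4.5, 2), (9, 0)]:
        print(rec, averaged_vote(MODELS, rec), classify(MODELS, rec))
```

Records far from the class boundary get a unanimous vote, while a borderline record such as `(4.5, 2)` gets a fractional score because each bag learns a slightly different threshold.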
