Intrusion Detection System with Supervised Learning Models

Abstract

Intrusion Detection Systems (IDSs) can analyze and detect abnormal network activity, which addresses potential attacks based on studying and analyzing past attacks. This paper uses four supervised machine learning methods, which are logistic regression, decision tree, support vector machine, and random forest, to detect these abnormal attacks. The dataset used in this paper is from KDDCUP’99, a publicly available dataset for network-based anomaly detection systems. Certain features and outcomes are first extracted from the dataset. The values in nominal features are converted into dummy variables, and the values in outcome are changed to either normal or attack. Then the training processes are performed with the four algorithms, and the models are tested to get the accuracy scores. According to the results, the logistic regression model has the highest accuracy score of 0.9415, and the other three models all have accuracy scores above 0.90. The accuracy scores of the decision tree, support vector machine, and random forest are 0.9317, 0.9374, and 0.9202, respectively. Our models turn out to be efficient in identifying the network anomaly with provided data.