Network intrusion detection and classification using machine learning predictions fusion

Abstract

The primary objective of an intrusion detection system (IDS) is to monitor the network performance and to look into any indications of malformation over the network. While providing high-security network IDS played a vital role for the past couple of years. IDS will fail to identify all types of attacks, when it comes to anomaly detection, it is often connected with a high false alarm rate with accuracy and the detection rate is very average. Recently, IDS utilize machine learning methods, because of the way that machine learning algorithms demonstrated to have the capacity of learning and adjusting as well as permitting a proper reaction for real-time data. This work proposes a prediction-level fusion model for intrusion detection and classification using machine learning techniques. This work also proposes retraining of model for unknown attacks to increase the effectiveness of classification in IDS. The experiments are carried out on the network security layer knowledge discovery in database (NSL-KDD) dataset using the Konstanz information miner (KNIME) analytics platform. The experimental results showed a classification accuracy of 90.03% for a simple model to 96.31% for fusion and re-trained models. This result inspires the researchers to use machine learning techniques with a fusion model to build IDS.