Network Intrusion Detection using Optimized Machine Learning Algorithms

Abstract

Network intrusion detection mechanism is a primary requirement in the current fast-growing network systems. Data mining and machine learning approaches are widely used for network anomaly detection during past few years. Machine learning based intrusive activity detector is becoming more popular. The most commonly used machine learning algorithms for Intrusion Detection System (IDS) are K-Nearest Neighbor (KNN), Support Vector Machine (SVM) and Random Forest (RF). However, the performance of these methods is reliant upon the selection of the proper parameter values. This research focuses its aim to build an IDS model based on the most effective algorithms. The machine learning algorithms are used in this research are KNN, SVM and RF. To improve these algorithms classification accuracy, some parameters of the algorithms are optimized using Particle Swarm Optimization (PSO) and Artificial Bee Colony (ABC) optimization techniques, while other parameters are used with default values. The result of this experiment shows that optimized KNN, SVM and RF perform better than these algorithms with their default parameter values. Furthermore, the results the experiment shows that KNN is the most suitable algorithm for network anomaly detection regarding detection of known network attacks and unknown network attacks. NSL-KDD standard dataset is used for the experiments of this research. It has been proven that our proposed model performs better than what is provided in the state-of-arts models.