Performance of Intrusion Detection System Using Bagging Ensemble with SDN-Base Classifier

Abstract

Intrusion Detection System (IDS) is a system for detecting suspicious activity on a network. Many machine learning-based IDS approaches have been built to detect intrusion. However, along with the development of types of attacks, currently the application of IDS has not been maximally successful when detecting various types of attacks. To overcome this problem, better techniques are needed to detect attacks. This research applies an ensemble-based Bagging-SDN machine learning model. Bagging-SDN is built from three base-learners, namely Support Vector Machine (SVM), Decision Tree (DT), and Naïve Bayes (NB). These three base learners are known as SDN (SVM, DT, NB). Furthermore, Bagging-SDN was validated using the UNSW-NB15 dataset. Based on the experiment, it was found that the Bagging-SDN performance was superior to the old method based on single classifier. Best Bagging-SDN performance when using Decision Tree (DT) as a base-learner. Bagging-SDN performance was able to increase the accuracy 80.09% compared to the earlier technique which only reached 75.89%. As for further research, the development of machine learning-based IDS still needs to be improved. For example, build ensemble classifier methods to improve performance using other technique like boosting, stacking and another base-learner. So, the IDS still has satisfactory performance in detecting new types of attacks.