Network Intrusion Detection System Using Machine Learning
Ch. Kodanda Ramu¹, M. Tarun², M. Praveen³, N. Laxman⁴, S. Sai Prasad⁵
¹Associate Professor, Department of Computer Science & Engineering, Miracle Educational Society Group of Institutions, Bhogapuram, Vizianagaram, Andhra Pradesh, India - 535216
²,³,⁴,⁵B.Tech Student, Department of Computer Science & Engineering, Miracle Educational Society Group of Institutions, Bhogapuram, Vizianagaram, Andhra Pradesh, India - 535216
Email: kvr.chintu1978@gmail.com
Abstract - This document discusses the creation of an intelligent Network Intrusion Detection System (NIDS) that uses Machine Learning (ML) to improve the security of computer networks. Traditional signature-based detection methods are often incapable of detecting new or zero-day attacks, so adaptive, data-driven methods should be employed; ML techniques provide such an alternative. The system accurately monitors and analyzes incoming and outgoing network traffic so that each piece of traffic can be classified as either normal or malicious; malicious traffic is further classified into one of four attack types: Denial of Service (DoS), Probe, Remote to Local (R2L), and User to Root (U2R). The model uses the NSL-KDD benchmark dataset, together with several data preprocessing steps (categorical encoding, feature scaling, etc.) to maximize its effectiveness. Several ML classification algorithms, namely Random Forest, Decision Tree, Support Vector Machine (SVM) and K-Nearest Neighbor (KNN), are analyzed to determine which perform best. Based on accuracy, precision, recall and F1 score, Random Forest is identified as the best-performing algorithm. The system includes an email alerting function that notifies the network administrator immediately when a critical intrusion is detected, enabling a rapid response to the incident. Overall results indicate that the proposed ML-based NIDS is capable of detecting a significantly higher percentage of intrusions while simultaneously producing a lower percentage of false positives than traditional rule-based methods. The findings indicate that artificial intelligence can play a critical role in protecting modern network infrastructures against more sophisticated cyber threats.
Key Words: Network Intrusion Detection System, Machine Learning, NSL-KDD Dataset, Random Forest, Cybersecurity
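The preprocessing and evaluation steps named in the abstract can be sketched as follows. This is an added example, not the authors' code: the rows are constructed samples with only four NSL-KDD-style features, the label-to-class map is a small subset, and a 1-nearest-neighbour classifier stands in for the paper's models to keep the block dependency-free.

```python
# Constructed NSL-KDD-style rows: (protocol_type, service, flag, src_bytes, label).
ATTACK_CLASS = {"normal": "Normal", "neptune": "DoS", "smurf": "DoS", "ipsweep": "Probe",
                "portsweep": "Probe", "guess_passwd": "R2L", "buffer_overflow": "U2R"}
CATEGORICAL, NUMERIC = (0, 1, 2), (3,)

class Preprocessor:
    """One-hot encoding plus min-max scaling, fitted on the training rows only."""
    def __init__(self, rows):
        self.vocab = {i: sorted({r[i] for r in rows}) for i in CATEGORICAL}
        self.rng = {i: (min(r[i] for r in rows), max(r[i] for r in rows)) for i in NUMERIC}

    def transform(self, row):
        vec = []
        for i in CATEGORICAL:
            # A value unseen during fitting encodes as all zeros instead of failing.
            vec += [1.0 if row[i] == v else 0.0 for v in self.vocab[i]]
        for i in NUMERIC:
            lo, hi = self.rng[i]
            x = (row[i] - lo) / (hi - lo) if hi > lo else 0.0
            vec.append(min(1.0, max(0.0, x)))  # clamp values outside the fitted range
        return vec

def predict(pre, train, row):
    """1-nearest-neighbour (KNN with k=1) over the encoded vectors."""
    q = pre.transform(row)
    dist = lambda r: sum((a - b) ** 2 for a, b in zip(pre.transform(r), q))
    return ATTACK_CLASS[min(train, key=dist)[-1]]

def per_class_scores(y_true, y_pred):
    """Return {class: (precision, recall, f1)} for multi-class predictions."""
    out = {}
    for c in sorted(set(y_true) | set(y_pred)):
        tp = sum(t == c and p == c for t, p in zip(y_true, y_pred))
        fp = sum(t != c and p == c for t, p in zip(y_true, y_pred))
        fn = sum(t == c and p != c for t, p in zip(y_true, y_pred))
        prec = tp / (tp + fp) if tp + fp else 0.0
        rec = tp / (tp + fn) if tp + fn else 0.0
        out[c] = (prec, rec, 2 * prec * rec / (prec + rec) if prec + rec else 0.0)
    return out

TRAIN = [("tcp", "http", "SF", 200, "normal"), ("tcp", "private", "S0", 0, "neptune"),
         ("icmp", "ecr_i", "SF", 1000, "smurf"), ("tcp", "telnet", "SF", 100, "guess_passwd")]
TEST = [("tcp", "private", "S0", 10, "neptune"), ("tcp", "http", "SF", 300, "normal"),
        ("tcp", "telnet", "SF", 120, "guess_passwd"),
        ("tcp", "telnet", "SF", 150, "buffer_overflow"), ("icmp", "ecr_i", "SF", 1032, "smurf")]
PRE = Preprocessor(TRAIN)
Y_TRUE = [ATTACK_CLASS[r[-1]] for r in TEST]
Y_PRED = [predict(PRE, TRAIN, r) for r in TEST]
SCORES = per_class_scores(Y_TRUE, Y_PRED)
```

On this constructed sample four of five rows are classified correctly, yet the single U2R row is missed entirely, which is why the per-class precision, recall and F1 values are reported alongside accuracy.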