Analysis of Modern Intrusion Detection Algorithms and Developing a Smart IDS

摘要

Nowadays many organizations and various sectors have been going online and this leads to improvement of the performance of networks for the protection of valuable data and other resources. So for detecting the malicious activity that occurs in a network, the intrusion detection system is used. This paper explains how machine learning algorithms are used for anomaly detection on a computer network which then identifies whether the traffic is normal or contains any anomaly or is an attack. An intrusion Detection System is software that scans the network or system for suspicious activity. In this paper, we aim to provide an analytical review of the IDS technology, obstacles that come about during its execution. Different machine learning algorithms such as Decision Tree, Random Forest, Naive Bayes, KNeighbors Classifier, and some other deep learning models such as CNN and ANN models are used for automating the task of detecting the intrusion. The accuracy of these algorithms is being compared and the algorithm which gives the best accuracy is considered.NSL-KDD '99 dataset is used for intrusion detection purpose. The dataset contains 4 different classes of attacks namely Denial of Service (DoS), Probe, User to Root (U2R) and Remote to Local (R2L). Each attack class is further divided into different subclasses which can help us in knowing the exact attack during an intrusion.