Intelligent Machine Learning for Cybersecurity: Anomaly Detection in Network Intrusion Systems and Beyond

Intelligent Machine Learning for Cybersecurity: Anomaly Detection in Network Intrusion Systems and Beyond

연구 분야: Networking

학회: International Conference on Electronic Governance with Emerging Technologies

Cybersecurity has emerged as a paramount concern in the digital age, where malicious actors continuously devise sophisticated techniques to breach network defenses. Intrusion detection systems (IDSs) play a pivotal role in fortifying cybersecurity measures by identifying and mitigating potential threats. IDSs collect network traffic information from a specific location on the network and utilize it to secure the network. Recently, machine learning approaches have played an crucial role in identifying network intrusions (or attacks), allowing network administrators to take proactive measures to prevent attacks. In this paper, we offer three machine learning algorithms for detecting network intrusions: Decision Tree, KNN, and Logistic Regression. The dataset to be audited was provided, which includes a wide range of intrusions simulated in a military network. Normal and attack data are used to extract 41 quantitative and qualitative features for each TCP/IP connection. The class variable consists of two categories: Normal & Anomalous. In the final analysis, experimental results for three-class classification are shown, including accuracy (KNN:0.98), confusion matrices, and F1-score. These are used to help researchers improve their understanding of network intrusion detection.