Machine learning for intrusion detection: Design and Implementation of an IDS based on Artificial Neural Network.

Author: Wadiai, Younes, El mourabit, Yousef, Baslam, Mohammed, El Habouz, Youssef
Source: Journal of Information Assurance & Security; 2021, Vol. 16 Issue 2, p49-58, 10p
Abstract: Securing the network from intrusions becomes a more challenging task to conduct for system administrators, and the need for a more powerful and efficient intrusion detection system emerges with the continuous development of cyber-attacks exploring various methods and techniques. A survey performed in [1] shows the various emerging attacks in cyber security accompanied with the exponential growth of internet interconnections. The attacks are affecting the confidentiality, availability, and integrity of the data in the cyber world; as more data is now available in electronic format, and more access is provided to end users, the challenge is to secure the network from any intrusion. Rather than following the traditional way of detecting attacks by looking for signatures of known intrusion attempts, machine learning can help detect nonconformities over the network. We propose the usage of artificial intelligence to build a sophisticated Network Intrusion Detection System able to be trained/self-trained using models and algorithms found in machine learning/deep learning to detect malicious network traffic. The aim of this paper is to present a new IDS model based on a machine learning approach to detect malicious traffic and protect the network from cyber-attacks. The usage of machine learning will allow better accuracy in detection and faster response time. This technique can also be used to continuously update the IDS knowledge base for instant response through malicious packet rejection.
In order to implement and measure the performance of our model, we used the NSL-KDD dataset, which contains records of various mimicked attacks on a real IDS system. After the preprocessing phase, which consists of data summarization, cleaning, and normalization, we used the most relevant attributes for the classification process, based on the CfsSubsetEval technique with the BestFirst approach as an attribute selection algorithm, to remove the redundant attributes and to allow the usage of the most pertinent attributes of the dataset. To build our prediction model we used a comparative evaluation of three algorithms (K-means, AdaBoost and Multilayer Perceptron); the experimental results show that the MLP algorithm provides a high detection rate and reduces the false alarm rate. Finally, a set of principles is concluded, which will set the path for future research on implementing an efficient and performant IDS. To help researchers in the selection of an IDS, several recommendations are provided with future directions for this research. [ABSTRACT FROM AUTHOR]
Database: Complementary Index