Deploying and Analyzing Classification Algorithms for Intrusion Detection

Abstract

Intrusion Detection Systems that use anomaly de-tection can detect unknown assaults, but they are less accurate, resulting in many false alarms. In this paper, machine learning techniques are examined in order to create IDSs that may be used in existing computer networks. In order to improve detection quality, a three-step optimization technique is first provided: 1) rebalancing the dataset with augmented data, 2) optimizing model performance, and 3) integrating the results of the best models through ensemble learning. This method has problems because the models are trained on previously known assaults and so do not do anomaly detection. To solve the existing issues, we studied the accuracy, sensitivity, roc curve, false positive rate of various binary and multi-class classifiers like KNN, Linear SVM, Quadratic SVM, multi-layer perceptron(MLP), and some other general classification algorithms, which inferred to us that some advancements could be made to the existing models. We developed a new and better LSTM (Long Short Term Memory) technique, a deep learning technique for recognizing attacks and storing them in long-term memory in order to counter future attacks.