Performance Analysis of Machine Learning Classifiers for Intrusion Detection

Skhumbuzo Zwane, Paul Tarwireyi, M. Adigun
2018 International Conference on Intelligent and Innovative Computing Applications (ICONIC), published 2018-12-01
DOI: 10.1109/ICONIC.2018.8601203 (https://doi.org/10.1109/ICONIC.2018.8601203)
Citations: 20

Abstract

Modern tactical wireless network (TWN) communication technologies are not only capable of transmitting voice but also capable of transmitting data. Due to such capabilities, TWNs have high security requirements, as any security breach can lead to detrimental effects. Hence, securing such an environment is not only a requirement but also a virtual prerequisite to the network centric warfare operational (NCW) theory. One key to securing this environment is to promptly and accurately recognize information warfare attacks directed to the network and respond to them. This is achieved using intrusion detection systems (IDS). However, false detection of nodes in hostile environments remains a major problem that needs to be addressed. Recently, machine learning methods and algorithms have shown applicability and are a growing research area for cyber security and intrusion detection. Conversely, several decades of research in the field of machine learning have resulted in a multitude of different algorithms for solving a broad range of problems. The question then becomes which one amongst these machine learning algorithms has the potential to enhance or address IDS issues in TWN. In this paper, seven machine learning classifiers are analyzed: Multi-Layer Perceptron, Bayesian Network, Support Vector Machine (SMO), Adaboost, Random Forest, Bootstrap Aggregation, and Decision Tree (J48). The WEKA tool was used to implement and evaluate the classifiers. The results obtained indicate that ensemble-based learning methods outperformed single learning methods when we consider the detection accuracy metrics: AUC, TPR, and FPR. However, ensemble classifiers tend to be slower in terms of build time and model test time.