An Evolutionary Approach Towards Achieving Enhanced Intrusion Detection System

Abstract

Major among the various Information Systems Security breaches are Intrusions. Intrusion bounds are expanding in scales and sophistications; with high-tech infrastructure, massive-time devotion, and diverse skillful-specialized professional coordination of several phases. Investments towards attacks proliferation are enormous and ongoing. Nonetheless, by adopting data-driven approach, which employs the attack weaponry as tools for counterattack strategies to intrusive activities, whatsoever attack ingenuity could be outmatched with instantaneous response. This study developed an intrusion detection model, with ability for misuse and anomaly intrusion detection; using machine learning mechanisms with genetic algorithm features selection strategy. UNSW-NB15 network intrusion dataset was employed, and preprocessed using data encoding, imputation and normalization mechanisms. Support Vector Machine and Multi-Layer Perceptron were trained, tested; and evaluated using the generated Confusion Matrices and Receiver Operating Characteristics curves. Multi-Layer Perceptron, whose correct classification was 89.97% (with tolerated misclassification of 20.35%) at a threshold of 0.9805, outperformed Support Vector Machine by an aggregate of 92.39%; a better indication of the evolving optimization capability of the model to capture intrusions at attempt level.