NETWORK INTRUSION DETECTION USING SUPERVISED MACHINE LEARNING WITH FEATURE SELECTION

Abstract

The working of two supervised machine learning algorithms, i.e., Support Vector Machine (SVM) and Convolutional Neural Network (CNN), is evaluated for intrusion detection in a network. With more cyber-attacks happening courtesy the Internet boom, an adequate Intrusion Detection System needs to be in place. These systems look at incoming requests and check whether such are normal or carry attacks (anomaly) signatures. Labeled data including samples of normal and attack requests are used in training the IDS to produce a predictive model. The trained predictive model would then be used to classify new incoming requests as normal or malicious. This study applies the IDS using both the machine learning and deep learning subfields of artificial intelligence approaches. The effectiveness of the two models is experimentally tested and it has been observed that CNN produces higher accuracy than SVM. Meanwhile, feature selection techniques under the two categories of Correlation-Based and Chi-Square-Based are applied to the dataset for improving detection efficiency. These algorithms aid in eliminating irrelevant or redundant features, thus reducing data size and improving the accuracy of the models. The ultimate objective of this work is the development of an effective IDS that can detect network intrusions with immense precision. Through feature selection and model comparison, the study demonstrates that a CNN using an optimized feature set offers the best possible performance in detecting cyber threats occurring in network traffic.