Analysis of Data and Supervised Machine Learning Algorithms for Intrusion Detection
摘要
As computer networks continue to expand globally, detecting and classifying anomalies in network traffic has become a critical aspect of cybersecurity. Despite significant research, most existing studies rely on a narrow approach, typically training machine learning algorithms on a single dataset and focusing on a specific type of anomaly. This limited methodology can lead to pattern classifiers that underperform when applied to different datasets or real-world scenarios. Addressing this gap, the primary goal of this paper is to develop pattern classifiers that are resilient to concept drift and adaptable across domains. To achieve this, a comprehensive experimental evaluation was conducted, considering various scenarios and using widely recognized datasets such as NSL-KDD 2009, UNSW-NB15, and CICIDS-2017, which cover a broad spectrum of attack types. Multiple supervised machine learning techniques and algorithms were tested to assess their effectiveness and efficiency. The findings from this research identify which approaches are most effective and which are least effective in classifying each specific type of cyber attack. These contributions aim to enhance the cybersecurity field by providing valuable insights and potential strategies to improve intrusion detection systems.