Build an Intrusion Detection System (IDS) based on seven different algorithms and compare them to find the best one.
An Intrusion Detection System (IDS) is a device or software application that monitors a network or system for malicious activity, security breaches, or policy violations. An IDS can be network-based (NIDS) or host-based (HIDS), and it works by looking for signatures of known attacks or for deviations from normal activity. In this project, we implemented machine learning and deep learning solutions for detecting attacks using the following seven algorithms:
- Gaussian Naive Bayes
- Decision Tree
- Random Forest
- Support Vector Machine
- Logistic Regression
- Gradient Boosting
- Artificial Neural Network
We addressed the problem of data imbalance between normal (benign) and attack (malicious) instances using the imbalanced-learn library (https://imbalanced-learn.org/stable/index.html).
Our approach was tested on the KDD99 benchmark dataset, which can be found here. The experimental results demonstrate that models based on Random Forest give the best results for training and testing when both accuracy and time consumption are considered.
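The class-imbalance handling and the train/test evaluation described above interact: resampling has to happen after the split, on the training data only. The following is an added example, not the project's code. It uses only the Python standard library, with plain random oversampling standing in for whichever imbalanced-learn sampler the project used, and the records, field names and 950/50 class ratio are constructed for illustration.

```python
import random
from collections import Counter, defaultdict

def group_by_label(rows):
    groups = defaultdict(list)
    for row in rows:
        groups[row[-1]].append(row)
    return groups

def stratified_split(rows, test_frac, rng):
    """Hold out test_frac of every class so rare attacks appear in both splits."""
    train, test = [], []
    for group in group_by_label(rows).values():
        group = group[:]
        rng.shuffle(group)
        cut = max(1, int(len(group) * test_frac))
        test += group[:cut]
        train += group[cut:]
    return train, test

def random_oversample(rows, rng):
    """Duplicate minority rows at random until each class matches the largest."""
    groups = group_by_label(rows)
    target = max(len(g) for g in groups.values())
    out = []
    for group in groups.values():
        out += group + [rng.choice(group) for _ in range(target - len(group))]
    return out

def leaked(train, test):
    """Number of test rows that also occur verbatim in the training set."""
    seen = set(train)
    return sum(row in seen for row in test)

def make_records(rng, n_normal=950, n_attack=50):
    # Constructed rows: (record_id, duration, src_bytes, label); not real KDD99 data.
    rows = [(i, rng.randint(0, 30), rng.randint(100, 5000), "normal") for i in range(n_normal)]
    rows += [(n_normal + i, rng.randint(0, 5), rng.randint(0, 100), "attack") for i in range(n_attack)]
    return rows

def compare(seed=7):
    rng = random.Random(seed)
    rows = make_records(rng)
    # Correct order: split first, then balance the training split only.
    train, test = stratified_split(rows, 0.2, rng)
    balanced = random_oversample(train, rng)
    # Wrong order: balance everything, then split; copies land on both sides.
    bad_train, bad_test = stratified_split(random_oversample(rows, rng), 0.2, rng)
    return {"train_counts": Counter(r[-1] for r in balanced),
            "test_counts": Counter(r[-1] for r in test),
            "leak_split_first": leaked(balanced, test),
            "leak_resample_first": leaked(bad_train, bad_test)}
```

Calling `compare()` returns the class counts for both splits and the number of leaked test rows for each ordering. When resampling comes first, duplicated attack records sit in both the training and the test set, so the detector is scored on rows it has already seen and the reported accuracy is inflated.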