Intrusion Detection System (IDS) For Network Traffic Analysis Using Machine Learning Models

Authors

  • G Manjula, Professor & HOD, Department Computer Science and Design, Dayananda Sagar Academy of Technology & Management, Bengaluru, Karnataka, India
  • Kartik Lutimath, Undergraduate Student, Department Computer Science and Design, Dayananda Sagar Academy of Technology & Management, Bengaluru, Karnataka, India
  • G Samhith, Undergraduate Student, Department Computer Science and Design, Dayananda Sagar Academy of Technology & Management, Bengaluru, Karnataka, India
  • Monisha Raj H N, Undergraduate Student, Department Computer Science and Design, Dayananda Sagar Academy of Technology & Management, Bengaluru, Karnataka, India
  • Preethi K R, Undergraduate Student, Department Computer Science and Design, Dayananda Sagar Academy of Technology & Management, Bengaluru, Karnataka, India

Keywords:

Anomaly detection, Cyber security, Deep Learning, Intrusion detection system, Machine learning, Network traffic analysis, Network security

Abstract

Intrusion Detection Systems (IDS) are an important element of cyber security design because they help discover and counter vulnerabilities in internet traffic on networks. Traditional detection methods often fall short of identifying new threats, notably those associated with zero-day attacks. Therefore, the current project takes a Machine Learning (ML) approach that learns patterns of typical network activity and flags malicious behavior that deviates from that norm (anomaly detection). The CICIDS2017 dataset was selected because it reflects situations representative of typical internet traffic. After a round of preprocessing, supervised learning models (logistic regression and random forest) were applied together with a hybrid model that uses isolation forest as its unsupervised learning component, to reduce inconsistencies arising during preprocessing and data processing. A real-time simulation was then run and displayed through a dynamic dashboard interface to show the system's response time and visualize anomalies as they arose in each instance of simulated traffic. The results indicated improved accuracy in identifying anomalous behavior and a reduction in false positives as a result of incorporating deep learning techniques. These findings highlight the potential for ML to help across the entire scope of cyber security.

Published

2025-04-17