Searching for optimal machine learning algorithm for network traffic classification in intrusion detection system

Rzeszow University of Technology, The Faculty of Electrical and Computer Engineering, ul. Wincentego Pola 2 35-959 Rzeszów, Poland

^* Corresponding author: : alicja.gerka@op.pl

Abstract

The main problem associated with the development of an effective network behaviour anomaly detection-based IDS model is the selection of the optimal network traffic classification method. This article presents the results of simulation research on the effectiveness of the use of machine learning algorithms in the network attacks detection. The research part of the work concerned finding the optimal method of network packets classification possible to implement in the intrusion detection system’s attack detection module. During the research, the performance of three machine learning algorithms (Artificial Neural Network, Support Vector Machine and Naïve Bayes Classifier) has been compared using a dataset from the KDD Cup competition. Attention was also paid to the relationship between the values of algorithm parameters and their effectiveness. The work also contains an short analysis of the state of cybersecurity in Poland.