ABSTRACT
Safeguarding network infrastructure is critical because cyber threats evolve continuously. Intrusion Detection Systems (IDS) monitor network traffic to identify and counter unauthorized or harmful activity. Traditional signature-based IDS often fail to detect novel or zero-day attacks, which motivates more sophisticated anomaly-based detection techniques. This research investigates the efficacy of four machine learning algorithms for anomaly-based intrusion detection on the CICIDS2017 dataset: K-Nearest Neighbors (KNN), Random Forest, Decision Tree, and XGBoost. Curated by the Canadian Institute for Cybersecurity, CICIDS2017 contains both normal and malicious network traffic covering a diverse range of contemporary cyber threats. Our findings show that KNN achieved an accuracy of 0.811, precision and recall both of 0.824, and an F1 score of 0.737. The Decision Tree model achieved an accuracy of 0.894, precision and recall each of 0.882, and an F1 score of 0.869. The Random Forest classifier achieved an accuracy of 0.906, precision and recall both of 0.882, and an F1 score of 0.872. Notably, XGBoost attained an accuracy of 0.906, precision and recall both of 0.931, and an F1 score of 0.916. The study characterizes the relative strengths and limitations of each model for anomaly-based intrusion detection. By benchmarking them on CICIDS2017, we aim to identify the most effective model, or combination of models, for deployment in real-world network security environments, and to contribute to the ongoing development of robust, adaptive intrusion detection systems that keep pace with the rapidly changing threat landscape. The outcomes of this study are intended to guide the selection and implementation of appropriate machine learning strategies to enhance network security and protect critical infrastructure.
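The abstract reports models whose precision and recall coincide while the F1 score sits noticeably lower (KNN: 0.824 / 0.824 / 0.737). One way that arises is support-weighted averaging over an imbalanced label set, because F1 is the harmonic mean computed per class before the weighting is applied. The following added example (not code from the paper, whose averaging method the abstract does not state) computes per-class and weighted precision, recall and F1 in plain Python on a constructed three-class prediction set; the label names BENIGN, DoS and PortScan are assumed to follow CICIDS2017's style, and the numbers do not reproduce the paper's results.

```python
# Constructed ground-truth and predicted labels for 24 flows (not data from
# the paper): a classifier that swallows most DoS flows into BENIGN.
Y_TRUE = ["BENIGN"] * 10 + ["DoS"] * 10 + ["PortScan"] * 4
Y_PRED = ["BENIGN"] * 10 + ["BENIGN"] * 8 + ["DoS"] * 2 + ["PortScan"] * 4


def per_class_metrics(y_true, y_pred):
    """One-vs-rest precision, recall, F1 and support for every label seen."""
    labels = sorted(set(y_true) | set(y_pred))
    metrics = {}
    for c in labels:
        pairs = list(zip(y_true, y_pred))
        tp = sum(1 for t, p in pairs if t == c and p == c)
        fp = sum(1 for t, p in pairs if t != c and p == c)
        fn = sum(1 for t, p in pairs if t == c and p != c)
        precision = tp / (tp + fp) if tp + fp else 0.0
        recall = tp / (tp + fn) if tp + fn else 0.0
        # Harmonic mean: a class with high precision but poor recall (or the
        # reverse) gets a low F1 even though its P or R looks healthy.
        f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
        metrics[c] = {"support": tp + fn, "precision": precision,
                      "recall": recall, "f1": f1}
    return metrics


def weighted_average(metrics, key):
    """Support-weighted mean of a per-class metric (sklearn's average='weighted')."""
    total = sum(m["support"] for m in metrics.values())
    return sum(m[key] * m["support"] for m in metrics.values()) / total


def accuracy(y_true, y_pred):
    """Overall accuracy; always equals the support-weighted recall."""
    return sum(t == p for t, p in zip(y_true, y_pred)) / len(y_true)


if __name__ == "__main__":
    m = per_class_metrics(Y_TRUE, Y_PRED)
    for label, v in m.items():
        print(f"{label:9s} P={v['precision']:.3f} R={v['recall']:.3f} "
              f"F1={v['f1']:.3f} n={v['support']}")
    print(f"accuracy={accuracy(Y_TRUE, Y_PRED):.3f}")
    for key in ("precision", "recall", "f1"):
        print(f"weighted {key}={weighted_average(m, key):.3f}")
```

On this sample the weighted precision (0.815) and recall (0.667) both exceed the weighted F1 (0.603), so reporting only precision and recall would hide how badly the minority DoS class is handled.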