Abstract

Intrusion Detection Systems (IDS) are critical for maintaining the security and integrity of computer networks. Anomaly detection models play a pivotal role in IDS by identifying deviations from normal behavior that may indicate malicious activities. This paper presents a comprehensive taxonomy of anomaly detection models for intrusion detection using machine learning models that leverage the rich feature set provided by the CSE-CIC-IDS 2018 dataset, which encompasses both network traffic and host-based data. Statistical-based methods include parametric and non-parametric techniques, leveraging data distribution assumptions for anomaly detection. Knowledge-based methods rely on expert systems and state transition analysis to detect anomalies based on predefined rules and patterns. Machine learning-based methods encompass supervised, unsupervised, and semi-supervised learning algorithms, each offering unique advantages in handling labeled and unlabeled data. This research project presents a taxonomy of anomaly detection models for intrusion detection and a comparative analysis of anomaly detection models using the CSE-CIC-IDS 2018 dataset obtained from Kaggle, with a focus on evaluating the effectiveness of the following classifiers for intrusion detection: Random Forest, K-Nearest Neighbors (KNN), Convolutional Neural Network (CNN), and Naive Bayes.

Authors: I. P. Oladoja, O. S. Adeyefa, A. O. Oronti, O. O. Abereowo, O. A. Akinsowon, O. Y. Ogunlola, B. K. Alese

Published in: International Conference on Information Society (i-Society-2024)

  • Date of Conference: 26-28 August, 2024
  • DOI: 10.20533/iSociety.2024.0017
  • ISBN: 978-1-913572-72-3
  • Conference Location: Churchill College, Cambridge, UK
