Abstract
Threats to information systems security have become very alarming with the present extensive growth in Internet use. In response, intrusion detection systems have been created to provide defence mechanisms against various types of attacks such as those due to ransomware, DDoS, botnets, Trojans, viruses, spyware, worms, and more. The use of a machine learning approach to develop smart intrusion detection systems that address these types of problems has also been explored; this typically involves applying various machine learning techniques to the dataset collected by a network monitoring tool. This paper presents a study on the utility of three machine learning classification algorithms, namely J48, Decision Stump, and Random Forest, in detecting threats by comparing their accuracy and processing time when applied to the UNSW-NB15 dataset, with the aim of discovering the best technique that can accurately spot the pattern of any suspicious activity in the network. The results show that J48 exhibits the best combination of accuracy and processing time among the evaluated classification techniques on the employed dataset. Moreover, the study reveals that increasing the sample size of the dataset can enhance the precision of the model, although this enhancement might come at the expense of overall accuracy. Additionally, it emphasizes that the application of feature selection techniques alone does not necessarily lead to an improvement in accuracy.
Type
Publication
JOURNAL OF INNOVATION AND EMERGING DIGITAL TECHNOLOGIES (JIEDT)