Theoretical and Natural Science
- The Open Access Proceedings Series for Conferences
Vol. 31, 07 March 2024
* Author to whom correspondence should be addressed.
Network intrusion detection refers to monitoring and analysing network traffic, system logs and other information to identify abnormal behaviours and attacks in the network, and take timely and appropriate countermeasures to protect the security and stability of the network. This paper investigates the application of seven machine learning methods in network intrusion detection, and evaluates each model by indicators such as precision, accuracy, recall and F1 score. The results show that XGBoost, Random Forest and Decision Tree models have the best prediction results, while Support Vector Machines and Plain Bayes models have poor prediction results. XGBoost, Random Forest and Decision Tree models all belong to the category of integrated learning, which have strong generalisation ability and robustness, can handle high-dimensional and complex datasets and are not prone to overfitting. In addition, they are able to handle non-linear relationships and are suitable for complex classification problems. Catboost and logistic regression models have better prediction results, but their prediction results are also affected by feature engineering. They may under- or over-fit when dealing with high-dimensional, complex datasets. Support Vector Machines and Plain Bayesian Models have poorer prediction results, which is related to their limitations. Support vector machines may experience computational difficulties when dealing with high-dimensional, complex datasets and are weak in dealing with non-linear relationships. The plain Bayesian model assumes that the features are independent of each other, which may not hold true in practical applications, thus affecting the prediction results. The conclusions of this paper are instructive for research and application in the field of network security, and can provide reference and inspiration for research in related fields.
Network security, Intrusion detection, Prediction accuracy
1. Daly L M, Siamak L, Weng W L, et al.FlowTransformer: A transformer framework for flow-based network intrusion detection systems[J].Expert Systems With Applications, 2024, 241.
2. Elif D, Yunus K S, İlker Ö, et al. ROSIDS23: Network intrusion detection dataset for robot operating system[J]. Data in Brief, 2023, 51109739-109739.
3. Ghani H, Salekzamankhani S, Virdee B. A Hybrid Dimensionality Reduction for Network Intrusion Detection[J].Journal of Cybersecurity and Privacy, 2023, 3(4):830-843.
4. Tarek G, Bamidele J A, Mohamed T, et al.Metaverse-IDS: Deep learning-based intrusion detection system for Metaverse-IoT networks[J].Internet of Things, 2023, 24.
5. Abiodun A, Amrit K, Anit K, et al.Network intrusion detection using feature fusion with deep learning[J].Journal of Big Data, 2023, 10(1):
6. Manderna A, Kumar S, Dohare U, et al.Vehicular Network Intrusion Detection Using a Cascaded Deep Learning Approach with Multi-Variant Metaheuristic[J].Sensors, 2023, 23(21):
7. Ivandro L O, Deqing Z, H. I A, et al.Network intrusion detection based on the temporal convolutional model[J].Computers Security, 2023, 135.
8. Zhang J, Zhang X, Liu Z, et al.A Network Intrusion Detection Model Based on BiLSTM with Multi-Head Attention Mechanism[J].Electronics, 2023, 12(19):
9. Goh, K. L., and Singh, A. K 2015 Procedia Computer Science, 70, 434-441.
The datasets used and/or analyzed during the current study will be available from the authors upon reasonable request.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. Authors who publish this series agree to the following terms:
1. Authors retain copyright and grant the series right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this series.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the series's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this series.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See Open Access Instruction).