Classification of Network Intrusion Attacks Using Machine Learning and Deep Learning^

Modern era is loaded with data. Increase in usage of smart phones results in enormous amount of data generation.  Highly sophisticated smart cities enabled with Internet of Things (IoT) devices produces large data. Sensitive data such as personal information, health information, financial information may be vulnerable and it’s integrity could be lost. Highly voluminous data travelling to and fro through the network may encounter traffic. This network traffic can be either normal traffic or it may be intrusion created by the hacker to hack by introducing abnormal traffic over the network. Traditional Intrusion detection systems and firewalls may detect the attacks based on the signature pattern. This is not sufficient to detect the advance persistent threats or to detect unknown attacks. To identify and to classify various types of unknown attacks, it is essential to apply intelligent techniques. This paper aims to classify attacks like DoS (Denial of Service), Probe, R2L (Remote to Local), U2R (User to Root) which causes intrusion in the network. To identify and to analyze root cause of intrusion, a benchmark dataset named NSL-KDD (Network Security Laboratory- Knowledge Discovery and Data) is used. Detailed analysis of the NSL-KDD dataset is accomplished by using machine learning and deep learning. Four models are opted to perform comparative analysis.  In the first model,  Principal Component Analysis (PCA) is applied to minimize the dimension of data and machine Learning algorithms like logistic Regression, Random forest Classifier, Decision Tree Classifier  are utilized to build the model. In the second model, algorithms like logistic Regression, Random forest Classifier, Decision Tree Classifier, Adaboost, and XGBoost are used. In the third model, multi-label classifier chains algorithm is applied to deploy the model. In the fourth model, deep neural network is used to accomplish deep learning model. The motive of this research is to find the best classifier that classifies data with high accuracy and to develop a model which serves the best for intrusion detection system. Comparative analysis of classifier algorithms is done and it is evident that, in the first model, Random forest algorithm produces 98.7% accuracy, in the second model, Adaboost algorithm produces 99.8% accuracy, in the third model,  Multi label classifier chain based on random forest produces   99.6% accuracy and in the fourth model, deep neural network  produces 99.2% accuracy. Among the four models, it is found that, Adaboost is the best algorithm which classifies and produces best results.