Network Security Enhancement through Machine Learning–Driven Intrusion Detection
DOI:
https://doi.org/10.63282/3050-922X.ICAILLMBA-121
Keywords:
Network Intrusion Detection System (NIDS), Machine Learning, K-Nearest Neighbor (KNN), Support Vector Machine (SVM), Multiclass Classification, DoS Attack, Probe Attack, R2L Attack, U2R Attack, Cybersecurity
Abstract
With the rapid expansion of computer networks and internet-based services, protecting network infrastructures from cyberattacks has become a critical challenge. Traditional security mechanisms often fail to detect sophisticated and evolving intrusion patterns, highlighting the need for intelligent intrusion detection systems. This study addresses the problem of effective network intrusion detection by presenting a comparative analysis of instance-based and numerical machine learning techniques for a Network Intrusion Detection System (NIDS). In this work, K-Nearest Neighbor (KNN) and Support Vector Machine (SVM) models are employed to perform multiclass classification of network attacks, including Denial of Service (DoS), Probe, Remote-to-Local (R2L), and User-to-Root (U2R) attacks. The proposed framework analyzes network traffic patterns and behavioral features to identify malicious activities in real time. The models are trained and evaluated using benchmark intrusion datasets, and performance is assessed using metrics such as accuracy, precision, recall, and efficiency. Experimental results indicate that both KNN and SVM effectively detect multiple attack categories, with instance-based learning demonstrating strong detection capability. The study concludes that machine learning–based NIDS significantly enhances network security through improved accuracy, adaptability, and timely threat mitigation.