Machine Learning Based Improvised Intrusion Detection System

Abstract

While intrusion detection systems (IDS) can effectively recognize anomalous network activities, they still have a low detection rate and a high false alarm rate, especially for anomalies with less records. In this article, we suggest an efficient IDS called DO IDS, which is based on hybrid data optimization and comprises of two: data collection and function selection. To achieve the optimum testing sample, the Isolation Forest (iForest) is used to eradicate outliers, the Genetic Algorithm (GA) is used to refine the sampling ratio, and the Convolution Neural Network (CNN) classifier is used as the evaluation criterion. GA and RF are again used to achieve the desired feature subset in the feature range. Finally, using the optimal training dataset obtained through data sampling and the features chosen through feature selection, an intrusion detection system based on CNN is developed. The trial will be conducted using the dataset CIC-IDS-2017. The model offers clear benefits in detection of rare anomaly behaviour, compared to other algorithms.