Effectiveness of Machine Learning Based Intrusion Detection Systems

  • Mohammed AlrowailyEmail author
  • Freeh Alenezi
  • Zhuo Lu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11611)


Security is the most significant issue in concerns of protecting information or data breaches. Furthermore, attackers present a new variety of cyber-attacks in the market, which prevent users from managing their network or computer system. For that reason, the growth of cybersecurity research studies, such as intrusion detection and prevention systems have great significance. The intrusion detection system (IDS) is an effective approach against malicious attacks. In this work, a range of experiments has been carried out on seven machine learning algorithms by using the CICIDS2017 intrusion detection dataset. It ensued to compute several performance metrics to examine the selected algorithms. The experimental results demonstrated that the K-Nearest Neighbors (KNN) classifier outperformed in terms of precision, recall, accuracy, and F1-score as compared to other machine learning classifiers. Nevertheless, All of the used machine learning classifiers except KNN trained their models in a reasonable time.


Intrusion Detection System Machine learning IDS dataset Cybersecurity Classification algorithms 



Mohammed and Freeh would thank Aljouf and Majmaah Universities, respectively, for the scholarship funds.


  1. 1.
    Ahmad, I., Basheri, M., Iqbal, M.J., Rahim, A.: Performance comparison of support vector machine, random forest, and extreme learning machine for intrusion detection. IEEE Access 6, 33789–33795 (2018)CrossRefGoogle Scholar
  2. 2.
    Aksu, D., Üstebay, S., Aydin, M.A., Atmaca, T.: Intrusion detection with comparative analysis of supervised learning techniques and fisher score feature selection algorithm. In: Czachórski, T., Gelenbe, E., Grochla, K., Lent, R. (eds.) ISCIS 2018. CCIS, vol. 935, pp. 141–149. Springer, Cham (2018). Scholar
  3. 3.
    Bansal, A., Kaur, S.: Extreme gradient boosting based tuning for classification in intrusion detection systems. In: Singh, M., Gupta, P.K., Tyagi, V., Flusser, J., Ören, T. (eds.) ICACDS 2018. CCIS, vol. 905, pp. 372–380. Springer, Singapore (2018). Scholar
  4. 4.
    Boukhamla, A., Gaviro, J.C.: Cicids 2017 dataset: performance improvements and validation as a robust intrusion detection system testbed (2018)Google Scholar
  5. 5.
    Breiman, L.: Random forests. Mach. Learn. 45(1), 5–32 (2001)CrossRefGoogle Scholar
  6. 6.
    Hastie, T., Tibshirani, R., Friedman, J.: The elements of statistical learning, Chapter 6 (2001)Google Scholar
  7. 7.
    Hou, J., Fu, P., Cao, Z., Xu, A.: Machine learning based DDoS detection through netflow analysis. In: MILCOM 2018–2018 IEEE Military Communications Conference (MILCOM), pp. 1–6. IEEE (2018)Google Scholar
  8. 8.
    Hu, W., Hu, W., Maybank, S.: Adaboost-based algorithm for network intrusion detection. IEEE Trans. Syst. Man Cybern. Part B (Cybern.) 38(2), 577–583 (2008)CrossRefGoogle Scholar
  9. 9.
    Keller, J.M., Gray, M.R., Givens, J.A.: A fuzzy k-nearest neighbor algorithm. IEEE Trans. Syst. Man Cybern. 4, 580–585 (1985)CrossRefGoogle Scholar
  10. 10.
    Panda, M., Patra, M.R.: Network intrusion detection using Naive Bayes. Int. J. Comput. Sci. Netw. Secur. 7(12), 258–263 (2007)Google Scholar
  11. 11.
    Papamartzivanos, D., Mármol, F.G., Kambourakis, G.: Introducing deep learning self-adaptive misuse network intrusion detection systems. IEEE Access 7, 13546–13560 (2019)CrossRefGoogle Scholar
  12. 12.
    Quinlan, J.R.: Induction of decision trees. Mach. Learn. 1(1), 81–106 (1986)Google Scholar
  13. 13.
    Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: ICISSP, pp. 108–116 (2018)Google Scholar
  14. 14.
    Tsai, C.F., Hsu, Y.F., Lin, C.Y., Lin, W.Y.: Intrusion detection by machine learning: a review. Expert Syst. Appl. 36(10), 11994–12000 (2009)CrossRefGoogle Scholar
  15. 15.
    Ustebay, S., Turgut, Z., Aydin, M.A.: Intrusion detection system with recursive feature elimination by using random forest and deep learning classifier. In: 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT), pp. 71–76. IEEE (2018)Google Scholar
  16. 16.
    Zegeye, W., Dean, R., Moazzami, F.: Multi-layer hidden markov model based intrusion detection system. Mach. Learn. Knowl. Extr. 1(1), 265–286 (2019)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Department of Electrical EngineeringUniversity of South FloridaTampaUSA
  2. 2.Department of Mathematics and StatisticsUniversity of South FloridaTampaUSA

Personalised recommendations