Intrusion Detection System Using Random Forest on the NSL-KDD Dataset

  • Prashil Negandhi
  • Yash TrivediEmail author
  • Ramchandra Mangrulkar
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 906)


In the modern world of interconnected systems, network security is gaining importance and attracting a lot of new research and study. Intrusion detection systems (IDSs) form an integral part of network security. To enhance the security of a network, machine learning algorithms can be applied to detect and prevent network attacks. Taking advantage of the robust NSL-KDD dataset, we have employed the supervised learning algorithm random forests to train a model to detect various networking attacks. To further increase the classification accuracy of our model, we have employed the use of famous data mining technique of feature selection. Smart feature selection using Gini importance has been employed to reduce the number of features. Experimental results have shown that our model not only runs faster but also performs with a higher accuracy.


NSL-KDD Machine learning Random forest Classification Computer networks Cybersecurity 


  1. 1.
    Gyanchandani, M., Rana, J. L., & Yadav, R. N. (2012). Taxonomy of anomaly based intrusion detection system: A review. International Journal of Scientific and Research Publications, 2(12), 1–13.CrossRefGoogle Scholar
  2. 2.
    Biau, G. (2012). Analysis of a random forests model. Journal of Machine Learning Research, 13, 1063–1095.MathSciNetzbMATHGoogle Scholar
  3. 3.
  4. 4.
  5. 5.
    Yin, C., Zhu, Y., Fei, J., & He, X. A deep learning approach for intrusion detection using recurrent neural networks. In IEEE Access (Vol. 5).Google Scholar
  6. 6.
    C.-H. Lee, Su, Y.-Y., Lin, Y.-C., & Lee, S.-J. (2017). Machine learning based network intrusion detection. In 2017 2nd IEEE International Conference on Computational Intelligence and Applications.Google Scholar
  7. 7.
    Ingre, B., & Yadav, A. Performance analysis of NSL-KDD dataset using ANN. In SPACES-2015, Department of ECE, K L University.Google Scholar
  8. 8.
    Wahba, Y., ElSalamouny, E., & ElTawee, G. (2015, May). Improving the performance of multi-class intrusion detection systems using feature reduction. IJCSI International Journal of Computer Science Issues, 12(3).Google Scholar
  9. 9.
    Chae, H., Jo, B., Choi, S.-H., & Park, T. Feature selection for intrusion detection using NSL-KDD. Recent Advances in Computer Science.Google Scholar
  10. 10.
    Tavallaee, M., et al. (2009). A detailed analysis of the KDD CUP 99 data set. In Proceedings of the Second IEEE Symposium on Computational Intelligence for Security and Defence Applications 2009.Google Scholar
  11. 11.
    Breiman, L. (2004). Consistency for a simple model of random forests in Technical Report 670. Technical report, Department of Statistics, University of California, Berkeley, USA.Google Scholar
  12. 12.
    Breiman, L. (2001). Random forests. Journal of Machine Learning, 45, 5–32. Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  • Prashil Negandhi
    • 1
  • Yash Trivedi
    • 1
    Email author
  • Ramchandra Mangrulkar
    • 1
  1. 1.Department of Computer EngineeringDwarkadas J. Sanghvi College of EngineeringMumbaiIndia

Personalised recommendations