Artificial intelligence for intrusion detection system

Abstract

The volume or size of the computer network and developed applications grows massively everyday, the potential to be exposed to a cyber attack is significant and the damage could be massive. Thus, Intrusion Detection Systems (IDSs) or Intrusion Prevention Systems (IPSs) are mandatory in the line of defense against large and complex networks. Machine learning can make the use of traditional Intrusion Detection Systems (IDS) a way poorer than it is today. They could learn the preferences of the security officers and dispay the sort of risks that the officer has already been generally interested in. As usual, the toughest thing with learning AI's is to teach them to take the correct calls. Machines learning could be trained as the as a rule-based system. AIs can also bind together the activities without anyone else's interactions. Those are inconsequential yet, when consolidated they may demonstrate that an attack is underway. In this work I'll compare machine learningbased IDS with traditional IDS, and explain how the AIs can be educated through. A decent number of datasets that experiences shortage of traffic diversity and volumes, some of them do not cover the variety of attacks, while other datasets suffer from anonymized packet information and payload which cannot meet the reality, or suffer from a deficiency in feature set and metadata. In this work we experiment with a credible dataset that contains benign flows and 12 known attack flows, which meets realistic network. The dataset is publicly available. Thus, we evaluate the performance of a comprehensive set of network traffic features and machine learning algorithms to indicate the best set of features for detecting the attack types.