
Analysis of Machine Learning Classification Techniques for Anomaly Detection with NSL-KDD Data Set

  • Conference paper
Data Science and Intelligent Systems (CoMeSySo 2021)

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 231)


Abstract

Along with the high-speed growth of the Internet, cyber-attacks are becoming even more frequent, so detecting network intrusions is essential for keeping network connections under control. However, in the modern big data environment, traditional methods do not meet the network requirements regarding adaptability and efficiency. Therefore, intelligent intrusion detection systems can only be built if an adequate data set is used. This way, a data set with a sizable amount of quality data can mimic real-time network traffic to train and test an intrusion detection system (IDS). The NSL-KDD data set is a refined version of its predecessor KDD'99 data set. In this paper, the NSL-KDD data set is analyzed and used to study the effectiveness of various classification algorithms in detecting anomalies in network traffic patterns. The results show that the Random Forest algorithm provides the best results with accuracy, precision, recall and an F1 score of 99%.




Correspondence to Ana Cholakoska.


© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG


Cite this paper

Cholakoska, A., Shushlevska, M., Todorov, Z., Efnusheva, D. (2021). Analysis of Machine Learning Classification Techniques for Anomaly Detection with NSL-KDD Data Set. In: Silhavy, R., Silhavy, P., Prokopova, Z. (eds) Data Science and Intelligent Systems. CoMeSySo 2021. Lecture Notes in Networks and Systems, vol 231. Springer, Cham. https://doi.org/10.1007/978-3-030-90321-3_21
