Publication: Analysis on Network Traffic Features for Designing Machine Learning based IDS
Issued Date
2021-08-12
Resource Type
ISSN
17426596
17426588
17426588
Other identifier(s)
2-s2.0-85112774380
Rights
Mahidol University
Rights Holder(s)
SCOPUS
Bibliographic Citation
Journal of Physics: Conference Series. Vol.1993, No.1 (2021)
Suggested Citation
N. Meemongkolkiat, V. Suttichaya Analysis on Network Traffic Features for Designing Machine Learning based IDS. Journal of Physics: Conference Series. Vol.1993, No.1 (2021). doi:10.1088/1742-6596/1993/1/012029 Retrieved from: https://repository.li.mahidol.ac.th/handle/20.500.14594/78993
Research Projects
Organizational Units
Authors
Journal Issue
Thesis
Title
Analysis on Network Traffic Features for Designing Machine Learning based IDS
Author(s)
Other Contributor(s)
Abstract
An intrusion detection system (IDS) is the most important technology for securing network systems. It can dynamically monitor network traffic for malicious activities that are aimed to violate confidentiality, integrity, authenticity, and availability of the network. Currently, several Machine Learning (ML) techniques are used to design and implement IDS since ML techniques can capture the complex nature of cyberattacks. However, network traffic information usually contains unimportant features that can deteriorate the efficacy of ML-based IDS. This research analyses the critical features in network traffic to be used for design/implementing the effective ML-based IDS. The selected features are applied to different ML methods to test the effectiveness. This research is conducted on the CICIDS2017 dataset generated by the Canadian Institute of Cybersecurity, using 30 percent of the full datasets and 100 percent of the Wednesday set. The best result achieved for 30 percent of the full set is by using 30 chosen features with the Bagging ensemble classifier giving the accuracy of 99.9 percent with the false-positive rate as low as 0.03 percent. The best result achieved for Wednesday set is by using the Random Forest Classifier which achieves an accuracy of 99.9 percent and a false-positive rate (FPR) of 0.02 percent.