DESIGN HYBRID BESAD INTRUSION DETECTION SYSTEM USING MACHINE LEARNING ALGORITHM AND SAFE MACHINE LEARNING WOLKITE, ETHIOPIA

Abstract

In the subject of computer network security, network attacks have gained international attention. Hence, this thesis aims to evaluate different machine learning classification algorithms and Safe ml that classify network events in intrusion detection systems using a supervised approach and unsupervised types of machine learning classification methods. We used the following methods to carry out the analysis: KNN, Decision Tree, Random Forest, and Extra tree. for a supervised approach. Here we have presented a hybrid Machine learning approach to detect attacks. In the misuse or signature detection module, we used three different classifiers KNN, Decision Tree, Random Forest, and Extra tree which detect known attacks based on the signature database. The unsupervised detection module handles the unknown attack by employing the k-Means Clustering algorithm. Applying data normalization during the pre-processing phase. label encoder, which, as many ML techniques cannot support them directly, translates string characteristics into numerical features. During the ML model construction process, we employ a comprehensive feature engineering technique using IG and KPCA to eliminate irrelevant, redundant, and noisy features while retaining the essential ones. Also used SPSS to examine associations and evaluate descriptive statistics like mean and standard deviation. To show the performance of the proposed evaluation method, we conducted the experiment on the CICIDS2017 dataset. The results of our experiments showed that the classification model integrated with the transformation and feature selection method results in superior accuracy, error rate, and reduced false alarms. The result also shows that the Extra Tree model and RF hold the highest accuracy and reduce the false alarm rate. By utilizing ECDF-based statistical distance measures, the Second Technique accurately predicted model performance safely. This part comprises experiments performed With Safe Machine learning algorithms using Empirical Cumulative Distribution Function (ECDF) using statistical distance measures including the Kolmogorov-Smirnov, Kuiper, Anderson-Darling, Wasserstein, and mixed Wasserstein-Anderson-Darling measures. Then compare all statistical distance accuracy measures of the accuracy of Safe ml with machine learning algorithms accuracy to find the best high confidence model