DESIGN HYBRID BASED INTRUSION DETECTION SYSTEM USING MACHINE LEARNING ALGORITHM AND SAFE MACHINE LEARNING WOLKITE, ETHIOPIA
Date
2024-04
Abstract
In the field of computer network security, network attacks have gained international attention.
Hence, this thesis aims to evaluate different machine learning classification algorithms and Safe
ML that classify network events in intrusion detection systems, using supervised and
unsupervised machine learning classification methods. For the supervised approach, we used the
following methods to carry out the analysis: KNN, Decision Tree, Random Forest, and Extra Tree.
We present a hybrid machine learning approach to detect attacks. In the
misuse or signature detection module, we used three different classifiers, KNN, Decision Tree,
Random Forest, and Extra Tree, which detect known attacks based on the signature database. The
unsupervised detection module handles unknown attacks by employing the k-Means clustering
algorithm.
Data normalization is applied during the pre-processing phase, along with a label encoder, which
translates string characteristics into numerical features because many ML techniques cannot
support them directly.
During the ML model construction process, we employ a comprehensive feature engineering
technique using IG and KPCA to eliminate irrelevant, redundant, and noisy features while
retaining the essential ones. We also used SPSS to examine associations and evaluate descriptive
statistics like mean and standard deviation.
To show the performance of the proposed evaluation method, we conducted the experiment on the
CICIDS2017 dataset. The results of our experiments showed that the classification model
integrated with the transformation and feature selection method results in superior accuracy, error
rate, and reduced false alarms. The result also shows that the Extra Tree model and RF hold the
highest accuracy and reduce the false alarm rate.
By utilizing ECDF-based statistical distance measures, the second technique accurately predicted
model performance safely. This part comprises experiments performed with Safe Machine
Learning algorithms using the Empirical Cumulative Distribution Function (ECDF) and statistical
distance measures including the Kolmogorov-Smirnov, Kuiper, Anderson-Darling, Wasserstein,
and mixed Wasserstein-Anderson-Darling measures. We then compare the accuracy obtained with
each statistical distance measure in Safe ML against the accuracy of the machine learning
algorithms to find the best high-confidence model.
Keywords
Intrusion Detection, Machine learning algorithms, Safe Machine learning, normalization, Distance measure
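
The ECDF-based distance measures named in the abstract can be illustrated as follows. This is an added example, not code from the thesis: it computes three of the listed measures (Kolmogorov-Smirnov, Kuiper, Wasserstein) between a training sample and a runtime batch of one feature. The feature values, the permutation test and its parameters are assumptions made for the illustration.

```python
# Added example: ECDF distances between training and runtime feature samples.
from bisect import bisect_right
import random

def ecdf(sample):
    """Return F with F(x) = fraction of sample values <= x."""
    s = sorted(sample)
    return lambda x: bisect_right(s, x) / len(s)

def ecdf_distances(train, runtime):
    """Kolmogorov-Smirnov, Kuiper and Wasserstein-1 distances of two samples."""
    f, g = ecdf(train), ecdf(runtime)
    grid = sorted(set(train) | set(runtime))   # ECDFs only change at these points
    diffs = [f(x) - g(x) for x in grid]
    d_plus = max(0.0, max(diffs))              # sup (F - G)
    d_minus = max(0.0, -min(diffs))            # sup (G - F)
    # Wasserstein-1 is the area between the ECDFs, which are step functions.
    w = sum(abs(d) * (b - a) for d, a, b in zip(diffs, grid, grid[1:]))
    return {"ks": max(d_plus, d_minus), "kuiper": d_plus + d_minus,
            "wasserstein": w}

def drift_p_value(train, runtime, measure="ks", n_perm=200, seed=0):
    """Permutation test (assumed here): share of random relabellings of the
    pooled data whose distance is at least the observed one."""
    rng = random.Random(seed)
    observed = ecdf_distances(train, runtime)[measure]
    pooled = list(train) + list(runtime)
    hits = 0
    for _ in range(n_perm):
        rng.shuffle(pooled)
        a, b = pooled[:len(train)], pooled[len(train):]
        if ecdf_distances(a, b)[measure] >= observed:
            hits += 1
    return (hits + 1) / (n_perm + 1)

# Constructed data: one numeric flow feature, seen in training and at runtime.
_rng = random.Random(1)
TRAIN = [_rng.gauss(500, 50) for _ in range(200)]
SAME = [_rng.gauss(500, 50) for _ in range(200)]      # same distribution
SHIFTED = [_rng.gauss(650, 50) for _ in range(200)]   # distribution shift

if __name__ == "__main__":
    for name, batch in (("same", SAME), ("shifted", SHIFTED)):
        print(name, ecdf_distances(TRAIN, batch), drift_p_value(TRAIN, batch))
```

A low p-value for a runtime batch indicates that the feature no longer follows the training distribution, so the classifier's reported accuracy should not be trusted for that batch.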