Machine learning techniques for accurate classification and detection of intrusions in computer network

Abstract

An incursion into the computer network or system in issue occurs whenever there is an attempt made to circumvent the defences that are in place. Training and examination are the two basic components that make up the intrusion detection system (IDS) and each one may be analysed separately. During training, a number of distinct models are built, each of which is able to distinguish between normal and abnormal behaviours that are included within the dataset. This article proposes a combination of ant colony optimization (ACO) and the firefly approach for feature selection. The final outcome of giving careful thought to the selection of features will eventually result in greater accuracy of categorisation. When classifying various sorts of features, we make use of a wide variety of machine learning (ML) algorithms, including AdaBoost, gradient boost, and Bayesian network (BN), amongst others. The tests and assessments made use of data obtained from three distinct datasets, namely NSL-KDD, UNSW-NB15, and CICIDS 2017. The degree of performance of an individual may be broken down into its component parts, which include the F1 score, accuracy, precision, and recall. Gradient boost performs far better when it comes to recognising and classifying incursions.