Machine Learning for Securing Traffic in Computer Networks

Abstract

Computer network attacks are among the most significant and common threats against computer-wired and wireless communications. Intrusion detection technology is used to secure computer networks by monitoring network traffic and identifying attacks. In this paper, we investigate and evaluate the application of four machine learning classification algorithms for identifying attacks that target computer networks: DDoS, Brute Force Web, and SQL Injection attacks, in addition to Benign Traffic. A public dataset of 80 features was used to build four machine learning models using Random Forest, Logistic Regression, CN2, and Neural Networks. The constructed models were evaluated based on 10-fold cross-validation using Classification Accuracy (CA), Area under the Curve (AUC), F1, Recall, Specificity, and Sensitivity metrics in addition to Confusion Matrix, Calibration, Lift, and ROC plots. The Random Forest model achieved 98% in the CA score and 99% in the AUC score, while the Logistic regression achieved 90% in the CA score and 98% in the AUC score.