Intrusion detection using machine learning algorithms

With the growing rate of cyber-attacks, there is a significant need for intrusion detection systems (IDS) in networked environments. As intrusion tactics become more sophisticated and more challenging to detect, this necessitates improved intrusion detection technology to retain user trust and preserve network security. Over the last decade, several detection methodologies have been designed to provide users with reliability, privacy, and information security. The first half of this thesis surveys the literature on intrusion detection techniques based on machine learning, deep learning, and blockchain technology from 2009 to 2018. The survey identifies applications, drawbacks, and challenges of these three intrusion detection methodologies that identify threats in computer network environments. The second half of this thesis proposes a new machine learning Model for intrusion detection that employs random forest, naive Bayes, and decision tree algorithms. We evaluate its performance on a standard dataset of simulated network attacks used in the literature, NSL-KDD. We discuss preprocessing of the dataset and feature selection for training our hybrid model and report its performance using standard metrics such as accuracy, precision, recall, and f-measure. In the final part of the thesis, we evaluate our intrusion model against the performance of existing machine learning models for intrusion detection reported in the literature. Our model predicts the Denial of Service (DOS) attack using a random forest classifier with 99.81% accuracy, Probe attack with 97.89% accuracy, and R2L attack with 97.92% accuracy achieving equivalent or superior performance in comparison with the existing models