Enhanced intrusion detection systems performance with UNSW-NB15 data analysis

Shweta More, Moad Idrissi, Haitham Mahmoud, A. Taufiq Asyhari

Research output: Contribution to journalArticleResearchpeer-review

5 Citations (Scopus)

Abstract

The rapid proliferation of new technologies such as Internet of Things (IoT), cloud computing, virtualization, and smart devices has led to a massive annual production of over 400 zettabytes of network traffic data. As a result, it is crucial for companies to implement robust cybersecurity measures to safeguard sensitive data from intrusion, which can lead to significant financial losses. Existing intrusion detection systems (IDS) require further enhancements to reduce false positives as well as enhance overall accuracy. To minimize security risks, data analytics and machine learning can be utilized to create data-driven recommendations and decisions based on the input data. This study focuses on developing machine learning models that can identify cyber-attacks and enhance IDS system performance. This paper employed logistic regression, support vector machine, decision tree, and random forest algorithms on the UNSW-NB15 network traffic dataset, utilizing in-depth exploratory data analysis, and feature selection using correlation analysis and random sampling to compare model accuracy and effectiveness. The performance and confusion matrix results indicate that the Random Forest model is the best option for identifying cyber-attacks, with a remarkable F1 score of 97.80%, accuracy of 98.63%, and low false alarm rate of 1.36%, and thus should be considered to improve IDS system security.

Original languageEnglish
Article number64
Number of pages16
JournalAlgorithms
Volume17
Issue number2
DOIs
Publication statusPublished - 1 Feb 2024

Keywords

  • decision tree
  • logistic regression
  • machine learning in cyber security
  • random forest
  • support vector machine
  • UNSW-NB15 dataset

Cite this