Network Intrusion Detection System Using Machine Learning and Deep Learning

The Network Intrusion Detection System (NIDS) is a technology that analyzes network data to identify indicators of potential intrusion, alerting security teams for further investigation and potential action. Nowadays, machine learning and deep learning techniques are applied with intrusion detection systems to enhance accuracy and predictive capabilities for preventing potential security breaches. This study introduces the application of both machine learning and deep learning models using the NSL-KDD dataset, a widely used dataset for training and testing intrusion detection models. We use various machine learning methods, such as Random Forest, Decision Tree, Logistic Regression, K-Nearest Neighbor (KNN), Gaussian Naive Bayes (GaussianNB), CatBoost and XGBoost to analyze the confusion matrix and predict accuracy. Additionally, this study utilizes a deep learning model, specifically a Recurrent Neural Network (RNN) and assess its effectiveness as a Network Intrusion Detection System (NIDS). The data preprocessing phase in this study involved the application of Standard Scaler to standardize numerical data. Also, Label as well as One-Hot Encoding method were employed to transform categorical data into a format conducive to model processing. Furthermore, to handle imbalanced data, a hybrid over-sampling and under-sampling technique, SMOTE-Tomek Links, was implemented. Then, utilizing the Pearson Correlation to identify features with a correlation above 0.1 concerning various attack patterns for feature selection.In summarizing the outcomes derived from the training of machine learning models using the training dataset, it was discerned that the Random Forest model exhibited the highest accuracy, achieving 99.71%. Meanwhile, the deep learning model employing RNN attained an accuracy level of 97.67%.