Machine Learning Classification for Intrusion Detection Systems Using the NSL-KDD Dataset

In the present era where Internet technology is developing rapidly, the study of cybersecurity is essential for monitoring threats and preparing for potential events. The important thing to know is whether the connection is harmful to the system. If it is harmful, what type of attack is it? What are its characteristics and what are the important factors? This can be studied by using machine learning to classify attack types in the Intrusion Detection System (IDS) topic, which is widely used to track and detect network traffic entering the system. Then, it will analyze the user's behavior to determine whether it is harmful to the system by comparing it to the attack patterns in the database. This research paper aims to study the functionality of IDS and utilize it to simulate the classification of connection patterns from the countless number of connections on the internet by using the NSL-KDD dataset, which was developed from the KDD'99 dataset, as well as the correction of duplicate data. This study uses feature selection method reduced from 41 to 10 features that will be used to create a model using the Extra Trees Classifier technique that the best result is XGBoost as 99.72% of accuracy and the imbalanced data is corrected with SMOTE to improve the prediction performance of the model. There is also a comparison with the techniques, methods, and models used to present the results.