Modelling and evaluation of network intrusion detection systems using machine learning techniques

This study aims at modelling and evaluating the performance of machine learning techniques on a recent network intrusion dataset. Five machine learning algorithms, which include k-nearest neighbour (KNN), support vector machines (SVM), voting ensemble, random forest, and XGBoost, have been utilized in the development of the network intrusion detection models. The proposed models are tested using the UNSW_NB15 dataset. Three different K values are used for model with KNN algorithm and two different kernels are utilized in the development of the model with SVM. The best detection accuracy of the model developed with KNN was 84.9% with a K value of 9; the SVM model with the best accuracy is developed with the Gaussian kernel and obtained an accuracy of 83%, and the Voting Ensemble achieved 83.4% accuracy. Random forest model achieved accuracies of 90.2% and 70.8% for binary classification and multiclass classification respectively. Finally, XGBoost model also achieves accuracies of 85% and 51.77% for binary and multiclass classification respectively.