Comparative analysis of selected data mining algorithms for intrusion detection system
Keywords:
Data mining, machine learning, intrusion detection system, comparative analysis, KDD
Abstract
Due to the growth of information technology, demand for network connectivity among individuals and organisations has increased tremendously, making network security a greater concern than ever. An intrusion detection system is one of the security solutions employed to protect network-based information systems from unauthorised access or information misuse. Data mining and machine learning techniques have been applied to intrusion detection with a variety of classification algorithms because of their ability to learn from very large amounts of data. However, identifying an appropriate and efficient technique and algorithm for building an intrusion detection system remains a growing challenge. This study evaluates the performance of five well-known classification algorithms, Decision Tree, Naive Bayes, C4.5, K-Nearest Neighbour, and ID3, on a popular intrusion detection benchmark dataset (KDD). The evaluation shows that K-Nearest Neighbour outperformed the other algorithms, with a high accuracy of 99.97%, a low error rate of 0.03, and a fast building time of 0.07 seconds, which demonstrates its suitability for an efficient intrusion detection system.