Network Intrusion Detection for TCP/IP Packets with Machine Learning Techniques

Hossain Shahriar, Kennesaw State University
Sravya Nimmagadda, Kennesaw State University

Abstract

To address the evolving strategies and techniques employed by hackers, intrusion detection systems (IDS) need to be applied across the network to detect and prevent attacks. Each TCP/IP network layer has specific types of network attacks, which means that each layer needs a specific type of IDS. Nowadays, machine learning has become the most powerful tool for dealing with network security challenges, given that the network-level data generated is huge in volume and decisions related to attacks need to be made with high speed and accuracy. Classification is one of the machine learning techniques for dealing with new and unknown attacks in network intrusion. In this chapter, we detect normal and anomalous (attack) TCP/IP packets from a publicly available training dataset using Gaussian Naive Bayes, logistic regression, decision tree and artificial neural network classifiers for intrusion detection systems. Using the CoLab environment, we provide some experimental results showing that the decision tree performed better than Gaussian Naive Bayes, logistic regression and the neural network on a publicly available dataset.