A Comparative Study of Classification Techniques for Intrusion Detection

Intrusion detection is one of the major research problems in network security. It is the process of monitoring and analyzing network traffic data to detect security violations. Mining approach can play very important role in developing an intrusion detection system. The network traffic can be classified into normal and anomalous in order to detect intrusions. In our paper, top-ten classification algorithms namely J48, BayesNet, Logistic, SGD, IBK, JRip, PART, Random Forest, Random Tree and REPTree were selected after experimenting with more than twenty most widely used classification algorithms. The comparison of these top-ten classification algorithms is presented in this paper based upon their performance metrics to find out the best suitable algorithm available. Performance of the classification models is measured using 10-fold cross validation. Experiments and assessments of these methods are performed in WEKA environment using NSL-KDD dataset.