Machine Learning based Network Intrusion Detection with Hybrid Frequent Item Set Mining

Abstract

With the development and expansion of computer networks day by day and the diversity of software developed, the damage that possible attacks can cause is increasing beyond the predictions. Intrusion Detection Systems (STS/IDS) are one of the effective defense tools against these potential attacks that are constantly increasing and diversifying. The ultimate goal is to train these systems with various artificial intelligence methods, to detect subsequent attacks in real time and to take the necessary precautions. In this study, classical feature selection methods and Frequent Item Set Mining were used in feature selection in a hybrid model, and it was aimed to classify network traffic data for normal and attack by using many machine learning methods, including Logistic Regression, with the final features obtained. The method uses a data set originally containing 85 features to make a decision while making this classification. These attributes are extracted using CICFlowMeter from a PCAP file where network traffic is recorded. The results show that the proposed method in the study classifies more than 225000 records in the data set with a success rate of 97.68%.