هبة عماد نامق

ABSTRACT

Network intrusion detection is essential for protecting computer systems and data in an age of increasingly sophisticated cyber-attacks. Classic intrusion detection systems struggle to adapt to evolving and complex attack patterns; hence, there is a need for new approaches. The problem is that traditional intrusion detection systems cannot cope with complex and fluid cyber-attacks. The objective of this study is to investigate the use of Machine Learning (ML) and Deep Learning (DL) algorithms to reduce the limitations of current approaches and improve network intrusion detection.

The main goal of this study was to build accurate and scalable models for anomaly detection and classification. We then test the effectiveness of machine learning and deep learning approaches, compare their results, and assess the impact of preprocessing measures on model performance and the resulting accuracies. Two popular datasets, NSL-KDD and UNSW-NB15, were used to perform exhaustive experiments for this purpose. These datasets provide an overview of various network setups and attack cases. The proposed system uses a preprocessing stage in which feature selection and dimensionality reduction are used to optimize the classifiers.

Both the machine learning and deep learning strategies yielded promising outcomes, as determined by the analysis. On both the NSL-KDD and UNSW-NB15 datasets, machine learning classifiers (such as Gaussian Naive Bayes) performed very well in accuracy, precision, recall, and F1-measure. These classifiers had a good balance of accuracy while being computationally efficient enough to serve as real-time anomaly detectors. Machine learning classifiers, on the other hand, fell short of deep learning models, specifically Convolutional Neural Networks (CNNs), which capture more complex patterns within network traffic data. The results show that the CNN models proved to be very effective in detecting network intrusion even in large and complex datasets, with high accuracy (99%), precision, recall, and F1-score.

Overall, this study brings substantial improvement in the area of network intrusion detection by evaluating all the different machine learning algorithms and deep learning approaches. It also benchmarks their performance and examines preprocessing techniques to improve their accuracy and efficiency. These results highlight the potential of these methods for fortifying network security and managing emerging risks.
