Applied Artificial Intelligence (Dec 2024)

A Generalized and Robust Nonlinear Approach based on Machine Learning for Intrusion Detection

  • Jakiur Rahman,
  • Jaskaran Singh,
  • Soumen Nayak,
  • Biswajit Jena,
  • Lopamudra Mohanty,
  • Narpinder Singh,
  • John R. Laird,
  • Rajesh Singh,
  • Deepak Garg,
  • Narendra N. Khanna,
  • Mostafa M. Fouda,
  • Luca Saba,
  • Jasjit S. Suri

DOI
https://doi.org/10.1080/08839514.2024.2376983
Journal volume & issue
Vol. 38, no. 1

Abstract

Intrusion detection systems (IDS) play a critical role in ensuring the security and integrity of computer networks. There is a constant demand for the development of powerful, novel, and generalized methods for IDS that can accurately detect and classify intrusions. In this study, we aim to evaluate the benefits of linear classifiers (LC) and nonlinear classifiers (NLC) in IDS. We employed ten machine learning (ML) classifiers, consisting of five LC and five NLC. These classifiers underwent cross-validation for performance evaluation, unseen analysis, statistical tests, and power analysis to measure the minimum sample size. Four hypotheses were formulated and validated on five processed intrusion attack datasets. NLC outperformed LC, with a mean accuracy (ACC)/area-under-the-curve (AUC) increase of 22.26%/20.3% on the WUSTL-EHMS dataset and ACC/AUC improvements of 5.5%/2.3% on the UNSW-NB15 dataset. In the unseen analysis, NLC achieved an ACC/AUC increase of 21.9%/21.8% when trained on WUSTL-EHMS and tested on UNSW-NB15. Lastly, when using a mixed dataset of WUSTL-EHMS and UNSW-NB15, NLC demonstrated an ACC/AUC increase of 11.67%/5.5%. The model performed well in cross-validation protocols, and the statistical tests yielded significant p-values. NLC provides generalized and robust solutions to detect intrusion attacks, ensuring the integrity and security of computer networks.