Sciencer Scientific Publications, Ankara, 2019
In recent years, cyber-attacks have been a serious threat to governments, businesses, and individuals. Many Intrusion Detection Systems have been designed to prevent these cyber-attacks; however, these systems struggle to remain efficient as the threats grow every day. While advances in machine learning have led to numerous powerful classifiers, their usefulness for modeling anomaly detection systems still needs to be explored. The main purpose of this study is to investigate the performance of some well-known machine learning algorithms with the aim of enhancing the Network Anomaly Detection System (NADS). This study compares the performance of four selected machine learning algorithms, i.e., K-Nearest Neighbors (KNN), K-Means, Naïve Bayes and Random Forest. This comparison is conducted to analyze the performance of the classification framework and to provide recommendations related to framework selection. In addition, to improve the overall performance and speed up such a system, the PCA algorithm was used to reduce the number of features, preserving the essential components that carry more of the features' variation and removing the non-essential ones with less variation. Several experiments were conducted using the “KDD CUP99” dataset, which is widely used to evaluate intrusion detection prototypes. The experimental outcomes demonstrate that the KNN algorithm performs well in terms of accuracy and computation time. Furthermore, the results show that KNN was able to achieve 98.0379% accuracy in detecting the potential threat.
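
The pipeline the abstract describes (PCA feature reduction followed by KNN classification), as an added example that is not the study's own code. It assumes NumPy and runs on constructed six-feature records standing in for KDD CUP99 rows, so its output says nothing about the paper's reported figures; the function names, the 95% variance threshold and k=5 are all assumptions.

```python
import numpy as np

def make_flows(n, rng):
    """Constructed stand-in for KDD CUP99 rows; label 0 = normal, 1 = attack."""
    y = rng.integers(0, 2, n)
    # Three latent behaviours, each driving two strongly correlated features,
    # so half of the six columns are redundant (what PCA should discard).
    volume = rng.normal(np.where(y == 1, 0.5, 5.0), 1.0)
    rate = rng.normal(np.where(y == 1, 200.0, 10.0), 5.0)
    errors = rng.normal(np.where(y == 1, 0.9, 0.05), 0.03)
    X = np.column_stack([
        volume, 2 * volume + rng.normal(0, 0.1, n),
        rate, 0.9 * rate + rng.normal(0, 1.0, n),
        errors, errors + rng.normal(0, 0.01, n),
    ])
    return X, y

def fit_pca(X, keep=0.95):
    """Standardise, then keep the fewest components explaining `keep` variance."""
    mean, std = X.mean(axis=0), X.std(axis=0)
    _, s, vt = np.linalg.svd((X - mean) / std, full_matrices=False)
    explained = np.cumsum(s ** 2) / np.sum(s ** 2)
    k = int(np.searchsorted(explained, keep)) + 1
    return mean, std, vt[:k].T

def knn_predict(train_X, train_y, test_X, k=5):
    """Majority vote among the k nearest training points (Euclidean)."""
    dist = np.linalg.norm(test_X[:, None, :] - train_X[None, :, :], axis=2)
    nearest = np.argsort(dist, axis=1)[:, :k]
    return (train_y[nearest].mean(axis=1) > 0.5).astype(int)

def run(seed=0):
    rng = np.random.default_rng(seed)
    X, y = make_flows(600, rng)
    X_tr, y_tr, X_te, y_te = X[:400], y[:400], X[400:], y[400:]
    mean, std, W = fit_pca(X_tr)          # fit on training data only
    project = lambda A: ((A - mean) / std) @ W
    pred = knn_predict(project(X_tr), y_tr, project(X_te))
    return X.shape[1], W.shape[1], float((pred == y_te).mean())

if __name__ == "__main__":
    n_features, n_components, accuracy = run()
    print(f"{n_features} features -> {n_components} components, accuracy {accuracy:.3f}")
```

The scaler and projection are fitted on the training split only and then applied to the held-out records, so the test accuracy is not inflated by leakage from the evaluation data.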