Network Intrusion Detection System Using Decision Tree

Year : 2024 | Volume : 12 | Issue : 02 | Page : 22–33
By Yash Jadhav, Harsh Deshpande, Ashwini Garole, Komal Sawant, Aman Patil

  1. Student, Computer Science and Engineering (Artificial Intelligence and Machine Learning), Vishwaniketan’s iMEET Khalapur, Maharashtra, India
  2. Student, Computer Science and Engineering (Artificial Intelligence and Machine Learning), Vishwaniketan’s iMEET Khalapur, Maharashtra, India
  3. Assistant Professor, Computer Science and Engineering, Vishwaniketan’s iMEET, Khalapur, Maharashtra, India
  4. Student, Computer Science and Engineering (Artificial Intelligence and Machine Learning), Vishwaniketan’s iMEET Khalapur, Maharashtra, India
  5. Student, Computer Science and Engineering (Artificial Intelligence and Machine Learning), Vishwaniketan’s iMEET Khalapur, Maharashtra, India

Abstract

This paper presents a novel approach to network intrusion detection systems (NIDS) using advanced decision tree algorithms to address critical limitations in existing IDS solutions. Traditional IDSs often struggle with high false positive and negative rates, lack of scalability, and poor interpretability. Our proposed IDS leverages decision trees to enhance detection accuracy, interpretability, and scalability, thereby improving network security. Decision trees are chosen for their adaptive learning capabilities, transparent decision-making processes, and efficiency in real-time threat detection. The system architecture includes key components such as a data collection module for capturing network traffic, a preprocessing module for data cleansing and feature extraction, and a decision tree classifier for classifying traffic into benign and malicious categories. The classifier’s performance is rigorously evaluated using metrics like accuracy, precision, recall, and F1-score, demonstrating superior performance with a 100% accuracy rate in model evaluation. The IDS’s effectiveness is compared against other machine learning techniques like K-nearest neighbors, logistic regression, and naive Bayes, with decision trees showing the highest accuracy and efficiency. The paper also highlights future directions, including enhanced machine learning integration, behavioral analysis, cloud-based deployment, internet of things security monitoring, and integration with threat hunting and incident response tools. This research underscores the potential of decision tree-based NIDS in providing robust, scalable, and comprehensible intrusion detection, crucial for protecting large-scale, dynamic network environments from diverse cyber threats.

Keywords: Machine learning algorithms, deep learning, classification techniques, decision tree, logistic regression, K-nearest neighbor (KNN), artificial neural network (ANN), supervised learning, anomaly detection, support vector machine, feature selection, data preprocessing, accuracy, precision, real-time intrusion detection

[This article belongs to Journal Of Network security]

How to cite this article:
Yash Jadhav, Harsh Deshpande, Ashwini Garole, Komal Sawant, Aman Patil. Network Intrusion Detection System Using Decision Tree. Journal Of Network security. 2024; 12(02):22-33.
How to cite this URL:
Yash Jadhav, Harsh Deshpande, Ashwini Garole, Komal Sawant, Aman Patil. Network Intrusion Detection System Using Decision Tree. Journal Of Network security. 2024; 12(02):22-33. Available from: https://journals.stmjournals.com/jons/article=2024/view=152713



Regular Issue Subscription Review Article
Volume 12
Issue 02
Received 21/05/2024
Accepted 23/06/2024
Published 02/07/2024


