Sunita Singhal
Independent Researcher
India
Abstract
This manuscript presents a comparative analysis of traditional machine learning models for network intrusion detection, considering technologies and methods available up to 2021. Network security remains a critical concern as cyber threats evolve continually. Intrusion detection systems (IDS) employ machine learning to discern malicious activities from benign traffic. This study evaluates the performance of five widely used classifiers—Decision Trees (DT), k-Nearest Neighbors (KNN), Support Vector Machines (SVM), Naive Bayes (NB), and Random Forests (RF)—on a standard intrusion detection dataset. We systematically preprocess the data, select salient features, and apply consistent evaluation metrics such as accuracy, precision, recall, F1-score, and computational overhead. Experimental results demonstrate that Random Forest achieves the highest detection accuracy, while Naive Bayes excels in computational efficiency but lags in recall. The analysis underscores trade-offs between detection performance and resource requirements. Findings provide guidance for selecting appropriate models in resource-constrained or time-sensitive environments. Recommendations for practitioners include model selection strategies based on network characteristics and security priorities. This work contributes to the engineering discipline by offering a clear, empirical comparison that aids in deploying effective, traditional machine learning–based IDS solutions consistent with the state of the art as of 2021.
Keywords
Network Intrusion Detection, Decision Trees, k-Nearest Neighbours, Support Vector Machines, Naive Bayes, Random Forests
REFERENCES
- Mukkamala, S., Janoski, G., & Sung, A. H. (2002). Intrusion detection using neural networks and support vector machines. Proceedings of the IEEE International Joint Conference on Neural Networks, 1702–1707.
- Liao, H. J., Lin, C. H. R., Lin, Y. C., & Tung, K. Y. (2013). Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications, 36(1), 16-24.
- Buczak, A. L., & Guven, E. (2016). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), 1153-1176.
- Kaur, H., & Sood, S. K. (2015). Machine learning approach for network intrusion detection. International Journal of Computer Applications, 131(5), 33-39.
- Thaseen, S., & Thaseen, S. M. (2015). Performance evaluation of machine learning algorithms in intrusion detection. International Journal of Computer Science and Mobile Computing, 4(1), 628-634.
- Moustafa, N., & Slay, J. (2015). UNSW-NB15: A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). 2015 Military Communications and Information Systems Conference (MilCIS), 1-6.
- Diro, A. A., & Chilamkurti, N. (2018). Distributed attack detection scheme using deep learning approach for Internet of Things. Future Generation Computer Systems, 82, 761-768.
- Vinayakumar, R., Soman, K. P., & Poornachandran, P. (2017). Applying deep learning approaches for network intrusion detection: A comparative study. Proceedings of the International Conference on Advances in Computing, Communications and Informatics, 1-6.
- Sharma, S., & Saha, S. K. (2019). A comparative study of machine learning algorithms for network intrusion detection. International Journal of Engineering and Advanced Technology (IJEAT), 8(6), 139-145.
- Bhandari, A., & Pant, M. (2017). Performance evaluation of machine learning algorithms for network intrusion detection system. 2017 International Conference on Computing, Communication and Automation (ICCCA), 1296-1300.
- Tang, T., Zou, Y., & Wan, J. (2018). A survey of machine learning methods for network intrusion detection. Journal of Physics: Conference Series, 1069(1), 012028.
- Sultana, N., & Huang, J. Z. (2019). A comparative study of supervised machine learning algorithms for network intrusion detection. International Journal of Computer Applications, 178(17), 20-27.
