A network intrusion is any unauthorized activity on a computer network. The unauthorized activities or abnormal network activities threaten users’ privacy and potentially damage the function and infrastructure of the whole network. We need IDS because it is crucial for security which enables us to detect and respond to malicious traffic.The main purpose of IDS is to ensure the IT personnel is notified when an attack or network intrusion might be taking place.
Goals Given a data point classify is it an attack or not -> Binary Classification: : Train an ML model which takes inputs from the sensor measurements at a time stamp ‘t’ and classifies it either in “ATTACK” or “NORMAL” categories. That means that you want to determine if at time stamp t, the system is under attack or under normal operation. Developing an unsupervised or semisupervised time-series ML model for better accuracy is suggested. IDS prediction close to reality: The developed tool must have good accuracy, precision, recall, and F1-score for the machine learning model with low false positive and low false negative rates.
dataset: http://kdd.ics.uci.edu/databases/kddcup99/task.html
Links and References: https://github.com/AndroGari/NIDS- https://medium.com/analytics-vidhya/building-an-intrusion-detection-model-using-kdd-cup99-datasetfb4cba4189ed https://github.com/dimtics/Network-Intrusion-Detection-Using-Machine-Learning-Technique https://nycdatascience.com/blog/student-works/network-intrusion-detection/