INsIDES: A new machine learning-based intrusion detection system

Abstract

Nowadays there are an enormous number of attacks over the Internet that makes our information to be continuously at risk. Intrusion Detection Systems (IDS) are used as a second line of defense. They observe suspicious actions in the network to detect attacks. One of the most popular ones is Snort. It is an open source IDS and the rules to detect the attacks are updated offline. As there are new types of attacks almost every day, it has a low detection rate especially for new types of attack. The aim of this work is to create an IDS using machine learning techniques in order to be more efficient detecting attacks than Snort. The proposed IDS is compared with Snort using the newly UNSW-NB15 dataset. The results show a detection rate of 98.11% and a false alarm rate of 8.57% for INsIDES, whereas Snort has a detection rate of 2.43% and a false alarm rate of 30.66%, assuring encouraging trails when machine learning techniques are applied to traditional rule-based IDS.