Transactions on Machine Intelligence

Intelligent Intrusion Detection of Computer Networks Using Random Forest Algorithm

Document Type: Original Article

Authors
1 Department of Computer Engineering, Faculty of Technology and Engineering, Dana Institute of Higher Education, Yasouj, Iran.
2 Department of Electrical Engineering, Faculty of Technology and Engineering, Shams Higher Education Institute, Gargan, Iran.
3 Department of Computer Engineering, Faculty of Technology and Engineering, Yasouj University, Yasouj, Iran.
Abstract
Intelligent Intrusion Detection Systems (IDS) are pivotal in safeguarding computer networks against unauthorized access and cyber threats. These systems are engineered to detect, identify, and classify potential attacks, while also recognizing security vulnerabilities, thereby enabling timely alerts for network administrators. This study examines the application of the Random Forest algorithm as the core technique for intelligent intrusion detection. The efficacy of the proposed approach was evaluated using the NSL-KDD dataset, a widely recognized benchmark in intrusion detection research. This dataset comprises 125,973 samples with 41 distinct features representing various network traffic characteristics. The Random Forest algorithm is an ensemble method: it constructs multiple decision trees during training and, for classification, outputs the class that is the mode of the classes predicted by the individual trees. This method enhances predictive accuracy and controls overfitting. Experimental results indicate that the use of this algorithm significantly improves the accuracy of intrusion detection, achieving a remarkable detection rate of 99.89%. These findings underscore the potential of Random Forest in developing intelligent and reliable IDS, offering a robust solution for real-world network security applications. The study also discusses the algorithm's performance in terms of precision, recall, and F1-score, highlighting its effectiveness in various attack scenarios.
Volume 2, Issue 1
Winter 2019
Pages 48-58

  • Receive Date 22 October 2018
  • Revise Date 12 February 2019
  • Accept Date 21 March 2019