MACHINE LEARNING BASED INTRUSION DETECTION SYSTEM USING STATISTICAL FEATURE RANKING METHOD

Abstract

Big data has made it easier for people to live an information-based Internet lifestyle, but it has also created a number of serious network security issues that make it difficult to use networks on a regular basis. At the moment, intrusion detection systems are mostly used to identify aberrant network traffic. To keep track of packets entering a network, an IDS employs sensors. To find malicious packets, the packet data with the attack signatures it has stored in memory, and then compare the results. Another sort of IDS analyses the patterns of the monitored packets to spot packets that are attempting to attack the network. These IDSs are believed to be able to identify new sorts of assaults and detect packet irregularities. Both varieties of IDSs provide reports of malicious activities at the management console. An IDS offers an automated system to find both internal and external intruders. Firewalls are used to show and/or restrict the ports and IP addresses used for communication between two entities, whereas IDS are able to inspect the content of the packets before acting.The actual process of the current traffic incursion detection systems needs to be changed, nonetheless, due to their numerous flaws and high resource occupation rate. So, utilising a Machine Learning (ML) technique, we suggested a statistical analysis-based intrusion detection system in this study. In this paper, we suggested a mechanism for detecting intrusions by applying the T test, a statistical tool for ranking analysis: two sample assuming unequal variances. A substantial amount of network traffic data that includes both malware data and normal traffic data is gathered in order to identify the pattern of the malware data. The t-test is used to score nine different traffic aspects for 2 both intrusion and regular traffic, resulting in nine "t" values from which other features were deduced. The Naive Bayes machine learning algorithm will then be applied to the 9 features, deleting one feature at a time that has the lowest “t” value to provide 9 alternative accuracy values. After examining the accuracy value, we get to the conclusion that the two features with the lowest value are removed in order to attain the highest accuracy, with accuracy of the data increasing as each of those two lower features are removed. The accuracy percentage of our work is 95.69% achieved on top 7 features rather than using all 9 features. Hence, we can argue that feature ranking using T-test helps us in improving the overall detection accuracy.