Network Intrusion Detection System: Classification, Techniques and Datasets to Implement

The Network Intrusion Detection System (NIDS) is a useful security utility that helps to prevent unauthorized and unwanted access to network resources by observing the network traffic and identify the records as either normal or abnormal. In this paper, compare three algorithms for network intrusion detection SVM, KNN and Decision Tree over Dos, Normal, R2L and U2R attacks. The features of SVM dataset are the decline for each type of attacks using correlation-based selection feature method. Then with the reduced feature set, discriminant analysis has done for the classification of different records. Comparison with other techniques shows that modified approach provides good classification rate for Normal, Dos, R2L (Remote-to-Local) and U2R (User-to-Root) attacks. A NIDS can be a software or piece of hardware. Many NIDS tools will store event or log of the event at a later date or will combine events with other data to make decisions about damage control or regarding policies. This paper shows the comparison of the different types of attacks that can be detected in a simulated core network environment. The different types of attacks are normal, DoS, Probe attacks, R2L and U2R attacks. The proposed method is implemented by the Python (Anaconda Navigator) and R programming software and tested on NSL-KDD dataset.