Performance Analysis of Machine Learning-Based Intrusion Detection Systems with Hybrid Feature Selection
- Mohammad Al-Omari
Princess Sumaya University for Technology
m.alomari@psut.du.jo
- Qasem Abu Al-Haija
Department of Cybersecurity, Faculty of Computer & Information Technology, Jordan University of Science and Technology, PO Box 3030, Irbid 22110, Jordan
qsabuhaija@just.edu.jo
Keywords: Test
Abstract
More businesses are deploying powerful intrusion detection systems (IDS) to secure their data and physical assets. Improving cyber-attack detection and prevention in these systems requires machine learning (ML) approaches. This paper examines a cyber-attack prediction system that combines feature selection (FS) and ML. Our technique is based on correlation analysis (CA), mutual information (MI), and recursive feature reduction with cross-validation. To optimize IDS performance, security features must be carefully selected from multi-dimensional datasets, and we extend our hybrid FS technique to validate our methodology using the improved UNSW-NB15 and TON_IoT datasets. Our technique identified 22 key features in UNSW-NB15 and 8 in TON_IoT. We evaluated prediction using seven ML methods: Decision Tree (DT), Random Forest (RF), Logistic Regression (LR), Naive Bayes (NB), K-Nearest Neighbors (KNN), Support Vector Machines (SVM), and Multilayer Perceptron (MLP) classifiers. With the DT, RF, NB, and MLP classifiers, our model surpassed the competition on both datasets. Therefore, the experimental results of our hybrid model may help IDSs defend business assets from various cyberattack vectors.
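A minimal sketch of a three-stage hybrid FS pipeline of the kind the abstract names (CA, then MI, then recursive feature reduction scored by cross-validation), added here as an illustration and not taken from the paper. The stage order, the thresholds `r_max` and `mi_min`, the nearest-centroid stand-in model, the `separation` importance score and the four flow features are all assumptions.

```python
from collections import Counter
from math import log, sqrt
from statistics import mean, pstdev

def pearson(a, b):
    ma, mb = mean(a), mean(b)
    den = sqrt(sum((u - ma) ** 2 for u in a) * sum((v - mb) ** 2 for v in b))
    return sum((u - ma) * (v - mb) for u, v in zip(a, b)) / den if den else 0.0

def mutual_info(x, y):  # MI in nats between a discrete feature and the class label
    n, cx, cy, cxy = len(x), Counter(x), Counter(y), Counter(zip(x, y))
    return sum(c / n * log(c * n / (cx[a] * cy[b])) for (a, b), c in cxy.items())

def cv_accuracy(X, y, feats, k=5):  # k-fold accuracy of a nearest-centroid stand-in model
    hits = 0
    for i in range(len(y)):
        train = [j for j in range(len(y)) if j % k != i % k]  # rows from the other folds
        dist = {c: sum((X[f][i] - mean(X[f][j] for j in train if y[j] == c)) ** 2
                       for f in feats) for c in set(y)}
        hits += min(dist, key=dist.get) == y[i]
    return hits / len(y)

def separation(x, y):  # assumed importance score: class-mean gap over overall spread
    gap = mean(v for v, c in zip(x, y) if c) - mean(v for v, c in zip(x, y) if not c)
    return abs(gap) / (pstdev(x) or 1.0)

def hybrid_select(X, y, r_max=0.9, mi_min=0.05):
    kept = []  # Stage 1 (CA): skip a feature highly correlated with one already kept
    for f in X:
        if all(abs(pearson(X[f], X[g])) <= r_max for g in kept):
            kept.append(f)
    # Stage 2 (MI): drop features that carry almost no information about the label
    kept = [f for f in kept if mutual_info(X[f], y) >= mi_min]
    # Stage 3: drop the weakest feature each round, keep the best cross-validated subset
    best, feats = (cv_accuracy(X, y, kept), kept), kept
    while len(feats) > 1:
        feats = sorted(feats, key=lambda f: separation(X[f], y))[1:]
        score = cv_accuracy(X, y, feats)
        if score >= best[0]:  # ties go to the smaller subset
            best = (score, feats)
    return best[1]

# Constructed flow records (not taken from UNSW-NB15 or TON_IoT); label 1 = attack
y = [i % 2 for i in range(40)]
X = {"bytes": [10 * c + i % 5 for i, c in enumerate(y)],
     "pkts": [2 * (10 * c + i % 5) + 3 for i, c in enumerate(y)],  # linear copy of bytes
     "ttl": [(i // 2) % 4 for i in range(40)],                     # unrelated to label
     "dur": [c if i % 5 < 4 else 1 - c for i, c in enumerate(y)]}  # matches label 80%
print(hybrid_select(X, y))
```

On this constructed data, `pkts` is removed by the correlation stage, `ttl` by the MI stage, and `dur` by the final stage because it adds nothing to cross-validated accuracy once `bytes` is present.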