A Comparative Analysis of Standard and Ensemble Classifiers on Intrusion Detection System

Abstract

With the increased dependence on the Internet, Network Intrusion Detection system (NIDs) becomes an indispensable part of information security system. NIDs aims at distinguishing the network traffic as either normal or abmormal. Due to the variety of network behaviors and the rapid development of attack strategies, it is necessary to build an intelligent and effective intrusion detection system with high detection rates and low false-alarm rates. One of the major developments in machine learning in the past decade is the ensemble method that generates a set of accurate and diverse classifiers that combine their outputs such that the resultant classifier outperforms all the single classifiers. In this work a comparative analysis on performance of three different ensemble methods, bagging, boosting and stacking is performed in order to determine the algorithm with high detection accuracy and low false positive rate. Three different experiments on NSL KDD data set are conducted and their performance evaluated based on accuracy, false alarms and computation time. The overall performance of the different types of classifiers used proved that ensemble machine learning classifiers outperformed the single classifiers with high detection accuracy and low false rates.