An evaluation of classification algorithms for intrusion detection
Intrusion detection system is one of the main technologies that is urgently used to monitor network traffics and identify network intrusions. Most of the available IDSs use all the 41 features in the network to evaluate and search for intrusive pattern in which some of them are redundant and irrelevant and they also generate a lot of false positive and false negative attacks. The problem of this approach is high detection time processing and generation of inaccurate results which limit the performance of intrusion detection system. In this work, Principal Component Analysis (PCA) was used to reduce the features in the dataset in order to reduce the number of computer resources time required to detect attack and the experiment was carry out using KDDcup99 dataset. Test and comparison were done on four machine language algorithms and the results shows that Neural Network algorithm (Nnge) performs better than other schemes because it was able to generate minimal false positive rate of 0.9% and 1% before and after feature reduction. The false negative alarm rate was 3.2% before and after feature reduction and also the classification accuracy was the best.
Keywords: Algorithm, Evaluation, Intrusion Detection, Principal Component Analysis.