Towards Data-Driven Network Intrusion Detection Systems: Features Dimensionality Reduction and Machine Learning

Cyberattacks have increased in tandem with the exponential expansion of computer networks and network applications throughout world. In this study, we evaluate compare four features selection methods, seven classical machine learning algorithms, deep algorithm on one million random instances CSE-CIC-IDS2018 big data set for intrusions. The dataset was preprocessed cleaned all algorithms were trained original values features. feature methods highlighted importance related to forwarding direction (FWD) two flow measures (FLOW) predicting binary traffic type; benign or attack. Furthermore, results revealed that whether models are top 30 selected by any techniques used experiment, there is no significant difference model performance. Moreover, may be able train ML only them perform similarly data,which result preferable terms complexity, explainability, scale deployment. choosing unanimity instead features, training time reduced from 10% 50%