Detecting Unauthorized Intrusions Using the IDS 2018 Dataset

Abstract

Cyber-attack is a dangerous attack technique used by attackers to attack information systems. There are two methods to detect cyber-attacks that are based on the set of signs and based on abnormal behaviors of the network data. In this paper, based on the IDS 2018 dataset, we propose a method to detect cyber-attacks in the system. Accordingly, in our research, we will use a combination of network traffic analysis tool (in order to seek the characteristics and behavior of the network) with machine learning algorithms (in order to classify abnormal and normal characteristics of the network). Specifically, we use the CICFlowMeter-V3 tool to analyze the network traffic into 80 features including various cyber-attack techniques such as DoS, DDoS, Infiltration, Botnet and then use the Random Forest supervised machine learning algorithm to detect attacks.