ABSTRACT

Traditional Network Intrusion Detection Systems (NIDS) are well-proven, signature-based systems that are widely deployed by organizations. They detect network intrusions by analyzing traffic against a set of static rules. However, they are losing their effectiveness against modern network attacks, which are constantly evolving. These attacks are becoming increasingly dynamic, and many are now made more sophisticated through the use of artificial intelligence. To combat these zero-day threats, next-generation NIDS need to be able to defend against threats that are not currently known. NIDS that use machine learning-based techniques have shown some potential at detecting intrusions where their traditional counterparts have proved ineffective. Rather than being programmed with a set of static rules, machine learning-based approaches learn from a reasonably large amount of network traffic data. The goal of this research is to investigate how effective machine learning-based techniques are when applied to network intrusion detection. The scope of this investigation also includes finding the best encoding of categorical values for our algorithms, identifying which attack types are easy and which are hard to predict correctly, and determining suitable hyperparameters for our models. The promising results from these experiments suggest that both machine learning-based and deep learning-based approaches are suited for network intrusion detection.