Intensive Pre-Processing of KDD Cup 99 for Network Intrusion Classification Using Machine Learning Techniques

Ibrahim Obeidat, Nabhan Hamadneh, Mouhammd Alkasassbeh, Mohammad Almseidin, Mazen Ibrahim AlZubi


Abstract— Network security engineers work to keep services available all the time by handling intruder attacks. Intrusion Detection System (IDS) is one of the obtainable mechanism that used to sense and classify any abnormal actions. Therefore, the IDS must be always up to date with the latest intruder attacks signatures to preserve confidentiality, integrity and availability of the services. The speed of the IDS is very important issue as well learning the new attacks. This research work illustrates how the Knowledge Discovery and Data Mining (or Knowledge Discovery in Databases) KDD dataset is very handy for testing and evaluating different Machine Learning Techniques. It mainly focuses on the KDD preprocess part in order to prepare a decent and fair experimental data set. The techniques J48, Random Forest, Random Tree, MLP, Naïve Bayes and Bayes Network classifiers have been chosen for this study. It has been proven that the Random forest classifier has achieved the highest accuracy rate for detecting and classifying all KDD dataset attacks, which are of type (DOS, R2L, U2R, and PROBE).


— IDS, DDoS, MLP, Naïve Bayes, Random Forest

Full Text:


International Journal of Interactive Mobile Technologies (iJIM) – eISSN: 1865-7923
Creative Commons License
Scopus logo IET Inspec logo DBLP logo EBSCO logo Ulrich's logo MAS logo