Intrusion Detection Project

Attacks on computer network traffic are increasingly common and varied, this is a big problem especially when the network is centralized, as in the case of software defined networks (SDN). Therefore, an Intrusion Detection System (IDS) needs to be implemented, so the diver types of attacks can be detected and avoided. The machine learning technique is widely used in data classification and detection of anomalous events, bringing a good result in the area of computer networks. Besides that, the entropy analysis and the distance between two datasets are also efficient techniques in the analyze of uncommon events.

However, each technique has its limitations, so this work aims to study the combination of techniques to improve their performance. Therefore, a new IDS capable of detecting some of the most common types of attacks – Denial of Service (DoS), Probing, Remote to Local (R2L) and User to Root (U2R) - can be created.

The widely used KDD CUP 99 dataset is used in this work for training and testing Machine Learning algorithms.

This work resulted in a publication at the 2020 International Conference on Information Networking (ICOIN): “Combining Machine Learning and Behavior Analysis Techniques for Network Security”.