Feature Analysis, Evaluation and Comparisons of Classification Algorithms Based on Noisy Intrusion Dataset

Various studies have been carried on an Intrusion Detection System (IDS) environment bycomparingthe performance of various Machine Learning (ML)based on a refined intrusion dataset with an error-free environment. However, the real-world network data deals with a large amount of noisy information on transmission, and the IDS have to work in such an environment frequently. Dealing with such noisy data is, therefore, a challenging issue in an IDS environment for detecting threads from network activities. In this paper, various Data Mining (DM) and ML algorithms are evaluated and compared by normal and noisy dataset prepared from KDD’99 and NSL-KDD dataset (10%-20% Noise). The empirical results demonstrate that NN (SOM) is far better compared to other tested algorithms regarding robustness tonoisy environment; however,JRip and J48 from the tree family outperform others regarding overall performance matrices. Feature dependency on datasets for a specific classifier is analyzedby Performance-based Method of Ranking (PMR). The evaluation results statistically proved that each classifier has a unique combination of a feature subset to results optimal performance. Empirical results demonstrate that evaluations of IDS based on NSL-KDD give more realistic results compared to theKDD’99 original dataset.