cndcgs

Challenges to national defence in contemporary geopolitical situation

2538-8959 2669-2023

LKA

7_CNDCGS_2022_55-61

10.47459/cndcgs.2022.7

Article

Network Attack Detection Using Machine Learning Methods

ZAGORODNA

Nataliya

zagorodna.n@gmail.com Department of Cybersecurity, Faculty of Computer Information Systems and Software Engineering, Department of Cybersecurity, Ternopil Ivan Puluj National Technical University, Ukraine STADNYK

Mariia

maria.stadnyk@gmail.com ∗∗ Department of Cybersecurity, Faculty of Computer Information Systems and Software Engineering, Department of Cybersecurity, Ternopil Ivan Puluj National Technical University, Ukraine LYPA

Borys

borislipa699@gmail.com Department of Cybersecurity, Faculty of Computer Information Systems and Software Engineering, Department of Cybersecurity, Ternopil Ivan Puluj National Technical University, Ukraine GAVRYLOV

Mykola

gavrilovnikolay1999@gmail.com Department of Cybersecurity, Faculty of Computer Information Systems and Software Engineering, Department of Cybersecurity, Ternopil Ivan Puluj National Technical University, Ukraine KOZAK

Ruslan

ruslan.o.kozak@gmail.com Department of Cybersecurity, Faculty of Computer Information Systems and Software Engineering, Department of Cybersecurity, Ternopil Ivan Puluj National Technical University, Ukraine

∗∗Corresponding author.

2022 1 55 61

03 11 2022

Creative Commons Attribution International License (CC BY)

This paper presents the result of the study of network intrusion detection using machine learning algorithms. The creation and training of such algorithms is seriously limited by the small number of actual datasets available for public access. The CSE-CIC-IDS2018 data set, used in research, includes 7 subsets of different attack scenarios. Each subset is labeled using a few subtypes of a given attack or normal behavior. That is why the problem of network attack detection has been considered a multiclassification problem. Some of the most popular classifiers will be tested on the chosen data set. Classification algorithms are developed using a standard Python programming environment and the specialized machine learning library Scikit-learn. In the paper, a comparative analysis of the results was performed based on the the application of Random Forest, XGBoost, LR, and MLP classifiers.

Keywords network attack DOS DDOS botnet cybersecurity machine learning classification Random Forest XGBoost MLP classifier LR