Next Article in Journal
A Fault Diagnosis Method of Mine Hoist Disc Brake System Based on Machine Learning
Next Article in Special Issue
DeepDCA: Novel Network-Based Detection of IoT Attacks Using Artificial Immune System
Previous Article in Journal
Experimental Evaluation and Numerical Simulation of the Thermal Performance of a Green Roof
Previous Article in Special Issue
Automated Vulnerability Detection in Source Code Using Minimum Intermediate Representation Learning
Article

Towards a Reliable Comparison and Evaluation of Network Intrusion Detection Systems Based on Machine Learning Approaches

1
Department of Computer Science & Engineering, School of Engineering, University of Cádiz, 11519 Cádiz, Spain
2
Department of Computer Engineering, School of Engineering, University of Burgos, 09006 Burgos, Spain
3
Department of Automatic, Electronic, Computer Architecture & Communication Networks Engineering, School of Engineering, University of Cádiz, 11519 Cádiz, Spain
*
Author to whom correspondence should be addressed.
Appl. Sci. 2020, 10(5), 1775; https://doi.org/10.3390/app10051775
Received: 23 January 2020 / Revised: 24 February 2020 / Accepted: 27 February 2020 / Published: 4 March 2020
Presently, we are living in a hyper-connected world where millions of heterogeneous devices are continuously sharing information in different application contexts for wellness, improving communications, digital businesses, etc. However, the bigger the number of devices and connections are, the higher the risk of security threats in this scenario. To counteract against malicious behaviours and preserve essential security services, Network Intrusion Detection Systems (NIDSs) are the most widely used defence line in communications networks. Nevertheless, there is no standard methodology to evaluate and fairly compare NIDSs. Most of the proposals elude mentioning crucial steps regarding NIDSs validation that make their comparison hard or even impossible. This work firstly includes a comprehensive study of recent NIDSs based on machine learning approaches, concluding that almost all of them do not accomplish with what authors of this paper consider mandatory steps for a reliable comparison and evaluation of NIDSs. Secondly, a structured methodology is proposed and assessed on the UGR’16 dataset to test its suitability for addressing network attack detection problems. The guideline and steps recommended will definitively help the research community to fairly assess NIDSs, although the definitive framework is not a trivial task and, therefore, some extra effort should still be made to improve its understandability and usability further. View Full-Text
Keywords: network intrusion detection; NIDS; machine learning; attack detection; communications networks; methodology network intrusion detection; NIDS; machine learning; attack detection; communications networks; methodology
Show Figures

Graphical abstract

MDPI and ACS Style

Magán-Carrión, R.; Urda, D.; Díaz-Cano, I.; Dorronsoro, B. Towards a Reliable Comparison and Evaluation of Network Intrusion Detection Systems Based on Machine Learning Approaches. Appl. Sci. 2020, 10, 1775. https://doi.org/10.3390/app10051775

AMA Style

Magán-Carrión R, Urda D, Díaz-Cano I, Dorronsoro B. Towards a Reliable Comparison and Evaluation of Network Intrusion Detection Systems Based on Machine Learning Approaches. Applied Sciences. 2020; 10(5):1775. https://doi.org/10.3390/app10051775

Chicago/Turabian Style

Magán-Carrión, Roberto; Urda, Daniel; Díaz-Cano, Ignacio; Dorronsoro, Bernabé. 2020. "Towards a Reliable Comparison and Evaluation of Network Intrusion Detection Systems Based on Machine Learning Approaches" Appl. Sci. 10, no. 5: 1775. https://doi.org/10.3390/app10051775

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop