Preprocessing Impact Analysis for Machine Learning-Based Network Intrusion Detection

Machine learning (ML) has been frequently used to build intelligent systems in many problem domains, including cybersecurity. For malicious network activity detection, ML-based intrusion detection (IDSs) are promising due their ability classify attacks autonomously after process. However, this is a challenging task the vast number of available methods current literature, ML classification algorithms and preprocessing techniques. analysis impact techniques on algorithm, study conducted extensive experiments, using support vector machines (SVM), classifier FS technique, several normalisation techniques, grid-search optimisation algorithm. These were sequentially tested three publicly datasets, NSL-KDD, UNSW-NB15, CICIDS2017. Subsequently, results analysed investigate each model extract insights for building efficient IDS. The exhibited that data significantly improves performance log-scaling outperformed other datasets. Additionally, suggested embedded SVM-FS accurate can improve classifier-dependent feature selection critical must be addressed. In conclusion, provides NIDS by revealing important information about preprocessing.