Improving Network Security: An Intrusion Detection System (IDS) Dataset from Higher Learning Institutions, Mbeya University of Science and Technology (MUST), Tanzania

Daud M. Sindika; Mrindoko R. Nicholaus; Nabahani B. Hamadi

doi:10.37284/eajit.7.1.1679

Daud M. Sindika Mbeya University of Science and Technology
Mrindoko R. Nicholaus, PhD Mbeya University of Science and Technology
Nabahani B. Hamadi, PhD Mbeya University of Science and Technology

DOI: https://doi.org/10.37284/eajit.7.1.1679

Keywords: HLIs, IDS, Cyber Threat, ML, Algorithm

Share Article:

Abstract

Nowadays, Internet-driven culture securing computer networks in Higher Learning Institutions (HLIs) has become a major responsibility. Intrusion Detection Systems (IDS) are crucial for protecting networks from unauthorized activity and cyber threats. This paper examines the process of improving network security by creating a comprehensive IDS dataset using real traffic from HLIs, highlighting the importance of accurate and representative data in improving the system's ability to identify and mitigate future cyber-attacks. The IDS model was created using a variety of machine learning (ML) techniques. Metrics like accuracy, precision, recall, and F1-score were used to assess the performance of each model. The dataset used for training and testing was real-world network traffic data obtained from the institution's computer network. The results showed that the developed IDS obtained exceptional accuracy rates, with Random Forest, Gradient Boosting, and XGBoost models all achieving an accuracy of around 93%. Precision and recall values were likewise quite high across all algorithms. Furthermore, the study discovered that data quality has a substantial impact on IDS performance. Proper data preparation, feature engineering, and noise removal were found to be helpful in improving model accuracy and reducing false positives. While the IDS models performed well throughout validation and testing, implementing such systems in a production setting necessitates careful thought. As a result, the essay also examined the procedures for testing and deploying the IDS models in a real-world scenario. It underlined the significance of ongoing monitoring and maintenance in order to keep the model effective in identifying intrusions. The research aids in the progress of network security in HLI. Educational institutions can better protect their precious assets and sensitive information from cyberattacks by understanding the impact of data quality on IDS performance and implementing effective deployment techniques

Downloads

Download data is not yet available.

References

Abdulraheem, M. H., & Badie Ibraheem, N. (2019). A detailed analysis of new intrusion detection dataset. Journal of Theoretical and Applied Information Technology, 15, 17. www.jatit.org

Abrar, I., Ayub, Z., Masoodi, F., & Bamhdi, A. M. (2020). A Machine Learning Approach for Intrusion Detection System on NSL-KDD Dataset. Proceedings - International Conference on Smart Electronics and Communication, ICOSEC 2020, 919–924. https://doi.org/10.1109/ICOSEC49089.2020.9215232

A Detailed Analysis of Benchmark Datasets for Network Intrusion Detection System by Mossa Ghurab, Ghaleb Gaphari, Faisal Alshami, Reem Alshamy, Suad Othman: SSRN. (n.d.). Retrieved May 15, 2023, from https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3834787

Alazzam, H., Sharieh, A., & Sabri, K. E. (2020). A feature selection algorithm for intrusion detection system based on Pigeon Inspired Optimizer. Expert Systems with Applications, 148, 113249. https://doi.org/10.1016/J.ESWA.2020.113249

Aljanabi, M., Ismail, M. A., & Ali, A. H. (2021a). Intrusion Detection Systems, Issues, Challenges, and Needs. International Journal of Computational Intelligence Systems, 14(1), 560– 571. https://doi.org/10.2991/IJCIS.D.210105.001

Aljanabi, M., Ismail, M. A., & Ali, A. H. (2021b). Intrusion detection systems, issues, challenges, and needs. International Journal of Computational Intelligence Systems, 14(1), 560– 571. https://doi.org/10.2991/IJCIS.D.210105.001

Bhati, B. S., Chugh, G., Al-Turjman, F., & Bhati, N. S. (2021). An improved ensemble based intrusion detection technique using XGBoost. Transactions on Emerging Telecommunications Technologies, 32(6), e4076. https://doi.org/10.1002/ETT.4076

Bongiovanni, I. (2019). The least secure places in the universe? A systematic literature review on information security management in higher education. Computers & Security, 86, 350–357. https://doi.org/10.1016/J.COSE.2019.07.003

Devi, P. P., & Kannan, S. (2021). Performance analysis of machine learning models for threats and attacks in network security traffic model. 48(12).

Farnaaz, N., & Jabbar, M. A. (2016). Random Forest Modeling for Network Intrusion Detection System. Procedia Computer Science, 89, 213– 217. https://doi.org/10.1016/J.PROCS.2016.06.047

Guezzaz, A., Benkirane, S., Azrour, M., & Khurram, S. (2021a). A Reliable Network Intrusion Detection Approach Using Decision Tree with Enhanced Data Quality. Security and Communication Networks, 2021. https://doi.org/10.1155/2021/1230593

Guezzaz, A., Benkirane, S., Azrour, M., & Khurram, S. (2021b). A Reliable Network Intrusion Detection Approach Using Decision Tree with Enhanced Data Quality. Security and Communication Networks, 2021. https://doi.org/10.1155/2021/1230593

Hasan, Md. A. M., Nasser, M., Ahmad, S., Molla, K. I., Hasan, Md. A. M., Nasser, M., Ahmad, S., & Molla, K. I. (2016). Feature Selection for Intrusion Detection Using Random Forest. Journal of Information Security, 7(3), 129–140. https://doi.org/10.4236/JIS.2016.73009

Jadhav, A. D., & Pellakuri, V. (2021). Highly accurate and efficient two phase-intrusion detection system (TP-IDS) using distributed processing of HADOOP and machine learning techniques. Journal of Big Data, 8(1), 1–22. https://doi.org/10.1186/S40537-021-00521-Y/FIGURES/7

Khraisat, A., Gondal, I., Vamplew, P., & Kamruzzaman, J. (2019a). Survey of intrusion detection systems: techniques, datasets, and challenges. Cybersecurity, 2(1), 1–22. https://doi.org/10.1186/S42400-019-0038-7/FIGURES/8

Khraisat, A., Gondal, I., Vamplew, P., & Kamruzzaman, J. (2019b). Survey of intrusion detection systems: techniques, datasets, and challenges. Cybersecurity, 2(1), 1–22. https://doi.org/10.1186/S42400-019-0038-7/FIGURES/8

Komisarek, M., Pawlicki, M., Kozik, R., Hołubowicz, W., & Choraś, M. (2021a). How to Effectively Collect and Process Network Data for Intrusion Detection? Entropy 2021, Vol. 23, Page 1532, 23(11), 1532. https://doi.org/10.3390/E23111532

Komisarek, M., Pawlicki, M., Kozik, R., Hołubowicz, W., & Choraś, M. (2021b). How to Effectively Collect and Process Network Data for Intrusion Detection? Entropy 2021, Vol. 23, Page 1532, 23(11), 1532. https://doi.org/10.3390/E23111532

Lalduhsaka, R., Khan, A. K., & Roy, A. K. (2021). Issues and Challenges in Building a Model for Intrusion Detection System. 2021 5th International Conference on Information Systems and Computer Networks, ISCON 2021. https://doi.org/10.1109/ISCON52037.2021.9702322

Lian, W., Nie, G., Jia, B., Shi, D., Fan, Q., & Liang, Y. (2020). An Intrusion Detection Method Based on Decision Tree-Recursive Feature Elimination in Ensemble Learning. https://doi.org/10.1155/2020/2835023

Mahbooba, B., Timilsina, M., Sahal, R., & Serrano, M. (2021). Explainable Artificial Intelligence (XAI) to Enhance Trust Management in Intrusion Detection Systems Using Decision Tree Model. Complexity, 2021. https://doi.org/10.1155/2021/6634811

Maseer, Z. K., Yusof, R., Bahaman, N., Mostafa, S. A., & Foozy, C. F. M. (2021). Benchmarking of Machine Learning for Anomaly Based Intrusion Detection Systems in the CICIDS2017 Dataset. IEEE Access, 9, 22351–22370. https://doi.org/10.1109/ACCESS.2021.3056614

Naagas, M., Jr, E. M., … T. P.-B. of E., & 2018, undefined. (2018). Defense-through-deception network security model: Securing university campus network from DOS/DDOS attack. Beei.Org, 7(4), 593–600. https://doi.org/10.11591/eei.v7i4.1349

Ngueajio, M. K., Washington, G., Rawat, D. B., & Ngueabou, Y. (2023). Intrusion Detection Systems Using Support Vector Machines on the KDDCUP’99 and NSL-KDD Datasets: A Comprehensive Survey. Lecture Notes in Networks and Systems, 543 LNNS, 609–629. https://doi.org/10.1007/978-3-031-16078-3_42/COVER

Nikoi, S. N., Nsiah-Konadu, A., Adu-Boahene, C., & Nsiah-Konandu, A. (2022). Enhancing the Design of a Secured Campus Network using Demilitarized Zone and Honeypot at Uew-kumasi Campus Enhancing the Design of a Secured Campus Network using Demilitarized Zone and Honeypot at Uew-Kumasi View project Enhancing the Design of a Secured Campus Network using Demilitarized Zone and Honeypot at Uew-kumasi Campus. Asian Journal of Research in Computer Science, 13(1), 14–28. https://doi.org/10.9734/AJRCOS/2022/v13i130304

Nkiama, H., Zainudeen, S., Said, M., & Saidu, M. (2016). A Subset Feature Elimination Mechanism for Intrusion Detection System. International Journal of Advanced Computer Science and Applications, 7(4). https://doi.org/10.14569/IJACSA.2016.070419

Samat, N. A. (2022). Intrusion Detection System: Challenges in Network Security and Machine Learning. EasyChair.

Shanmugam, T., & Malarkodi, B. (2019). Analysis of campus network management challenges and solutions. Proceedings of the 2019 TEQIP - III Sponsored International Conference on Microwave Integrated Circuits, Photonics and Wireless Networks, IMICPW 2019, 312– 316. https://doi.org/10.1109/IMICPW.2019.8933236

Sharafaldin, I., Lashkari, A. H., & Ghorbani, A. A. (2018). Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization. https://doi.org/10.5220/0006639801080116

Tran, N., Chen, H., Bhuyan, J., & Ding, J. (2022a). Data Curation and Quality Evaluation for Machine Learning-Based Cyber Intrusion Detection. IEEE Access, 10, 121900– 121923. https://doi.org/10.1109/ACCESS.2022.3211313

Tran, N., Chen, H., Bhuyan, J., & Ding, J. (2022b). Data Curation and Quality Evaluation for Machine Learning-Based Cyber Intrusion Detection. IEEE Access, 10, 121900– 121923. https://doi.org/10.1109/ACCESS.2022.3211313

Wang, P., Wang, S., Chi, L., Huang, M., Luo, W., & Wan, X. (2019). Research on Network Security of Campus Network. Journal of Physics: Conference Series, 1187(4), 042113. https://doi.org/10.1088/1742-6596/1187/4/042113

Wu, H., & Wu, H. (2021). The Construction and Implementation of the Security Defense System of University Campus Network. Advances in Intelligent Systems and Computing, 1282, 691– 696. https://doi.org/10.1007/978-3-030-62743-0_99/COVER

Yang, X., Nan Zhu, A., Zhao, J., Li, X., Cao, Y., Huang, M., Luo, W., & Wan, X. (2019). Research on Network Security of Campus Network. Journal of Physics: Conference Series, 1187(4), 042113. https://doi.org/10.1088/1742-6596/1187/4/042113

Zheng, S., Li, Z., & Li, B. (2017). Campus Network Security Defense Strategy. 356–359. https://doi.org/10.2991/MECAE-17.2017.67

Zhou, Y., Cheng, G., Jiang, S., networks, M. D.-C., & 2020, undefined. (n.d.). Building an efficient intrusion detection system based on feature selection and ensemble classifier. Elsevier. Retrieved January 22, 2023, from https://www.sciencedirect.com/science/article/pii/S1389128619314203

Zulfiker, M. S., Kabir, N., Biswas, A. A., Nazneen, T., & Uddin, M. S. (2021). An in-depth analysis of machine learning approaches to predict depression. Current Research in Behavioral Sciences, 2, 100044. https://doi.org/10.1016/J.CRBEHA.2021.100044