COMPARATIVE STUDY OF MACHINE LEARNING METHODS FOR DETECTING ANOMALIES IN NETWORK TRAFFIC
https://doi.org/10.55452/1998-6688-2025-22-4-79-96
Abstract
Demand for intrusion detection systems (IDSs) that can promptly identify both known and new types of attacks is rising due to the rapid expansion of cyber threats and the consequent increase in network traffic. Using machine learning techniques to autonomously analyze the behavior of network packets and classify them as normal or malicious is a promising way to address this issue. This study assesses the suitability of a variety of machine learning algorithms for network security tasks, using network data analysis as an illustration, and evaluates their efficacy in detecting network intrusions on the UNSW-NB15 dataset. The models compared are Random Forest, K-Nearest Neighbors (KNN), Support Vector Machine (SVM), XGBoost, LightGBM, and Logistic Regression. According to the analysis, all models exhibited high classification accuracy; however, the LightGBM model attained the best results, with the highest values of Accuracy (95.86%), Precision (96.02%), and F1-measure (96.99%), confirming its capacity to effectively manage complex and heterogeneous data. Overall, the study underscores the significance of selecting the most appropriate model based on the security system’s objectives and the specifics of the data.
About the Authors
N. E. Kikbayev
Kazakhstan
Master’s student
Almaty
D. M. Zhexebay
Kazakhstan
PhD
Almaty
Y. Xin
China
Professor
Xi’an
S. T. Tynymbayev
Kazakhstan
Professor
Almaty
A. Z. Aitmagambetov
Kazakhstan
Professor
Almaty
L. B. Abdizhalilova
Kazakhstan
Master’s student
Almaty
A. A. Skabylov
Kazakhstan
PhD
Almaty
For citations:
Kikbayev N.E., Zhexebay D.M., Xin Y., Tynymbayev S.T., Aitmagambetov A.Z., Abdizhalilova L.B., Skabylov A.A. COMPARATIVE STUDY OF MACHINE LEARNING METHODS FOR DETECTING ANOMALIES IN NETWORK TRAFFIC. Herald of the Kazakh-British Technical University. 2025;22(4):79-96. https://doi.org/10.55452/1998-6688-2025-22-4-79-96