Paper Key : IRJ************795
Author: Divya Dharshini G,Prathyusha N,Kughan Dss
Date Published: 07 Nov 2024
Abstract
Network intrusion detection systems that use machine learning rely on flow attributes gathered from protocols, like NetFlow for their operation effectively. Modern ML based intrusion detection systems operate under the assumption that they can extract flow related data from every packet within a given flow instance. However the reality is that flow exporters are often implemented in devices where packet sampling's unavoidable. As such ML driven intrusion detection systems may encounter challenges when dealing with sampled data sets than streams of flow information. In our research study we investigate how sampling packets can impact the performance of ML based NIDS (Network Intrusion Detection Systems). Unlike studies where the parameters of the flow export stage played a role, in the evaluation process here they are not a factor affecting our assessment process. This means that NIDS performance can still be accurately evaluated with packet sampling in place. Our experimental results demonstrate that fraudulent flows containing smaller packets sizes could possibly go unnoticed when using sampling rates low as 1 in 10 or 1 in 100. By employing an evaluation methodology we delved into how various sampling strategies influence both the detection and false alarm rates of NIDS. The ability to promptly and reliably detect vulnerabilities, within network systems has become increasingly crucial today. This system will undergo training using machine learning techniques to identify network packet assaults.