Abstract

Abstract The internet connected devices are prone to cyber threats. Most of the companies are developing devices with built-in cyber threat protection mechanism or recommending prevention measure. But cyber threat is becoming harder to trace due to the availability of various tools and techniques to bypass the normal prevention measures. A data mining-based intrusion detection system can play a key role to handle such cyberattacks. This paper proposes a threefold approach to analyzing intrusion detection system. In the first phase, experiments have been conducted by applying SVM, Decision Tree, and KNN. In the second phase, Random Forest, and XGBoost are applied as lately they have been showing significant improved performance in supervised learning. Finally, deep learning techniques, namely, Feed Forward, LSTM, and Gated Recurrent Unit neural network are applied to conduct the experiment. Kyoto Honeypot Dataset is used for experimental purpose. The results show a significant improvement in IDS outperforming the state of the arts on this dataset. Such improvement strengthens the applicability proposed model in IDS.