Design and Development of an Efficient Network Intrusion Detection System Using Machine Learning Techniques
Table 13
UNSW-NB15 dataset evaluated with hybrid NID-Shield NIDS approach.
(a)
Total instances
1,75,341
Correctly classified instances
1, 75,183 (99.91%)
Incorrectly classified instances
158
Execution time
318.15 seconds
Kappa measures
0.9835
MAE
0.0007
RMSE
0.0121
RAE
6.3124%
RRSE
18.4253%
(b)
Accuracy
TP rate
FP rate
Precision
Recall
-measure
MCC
ROC area
PRC area
Class
100%
1.000
0.000
1.000
1.000
1.000
1.000
1.000
1.000
Normal
99.45%
0.994
0.007
0.996
0.998
0.997
0.995
0.999
0.999
Reconnaissance
99.71%
0.997
0.006
0.998
0.999
0.999
0.999
1.000
1.000
Backdoor
99.10%
0.991
0.007
0.995
0.991
0.997
0.997
1.000
1.000
DoS
98.70%
0.987
0.008
0.993
0.982
0.982
0.993
0.994
0.993
Exploits
99.20%
0.992
0.007
0.989
0.993
0.996
0.998
1.000
1.000
Analysis
90.14%
0.901
0.012
0.917
0.941
0.962
0.972
0.971
0.978
Fuzzers
100%
1.000
0.000
1.000
1.000
1.000
1.000
1.000
1.000
Worms
99.61%
0.996
0.006
0.997
0.999
0.997
0.997
1.000
1.000
Shellcode
99.70%
0.997
0.004
0.998
0.998
0.999
0.997
1.000
1.000
Generic
Weighted Avg.
99.89%
0.998
0.006
0.999
0.998
0.997
0.992
1.000
1.000
(c)
Confusion matrix
56000
0
0
0
0
0
0
0
0
0
0
10488
0
0
0
0
0
0
0
0
0
0
1740
0
0
0
0
0
0
2
0
0
0
12260
0
0
0
0
0
0
0
2
0
0
33383
0
0
0
0
3
0
0
0
0
0
1993
0
0
0
0
0
0
3
3
7
0
18177
0
4
8
0
0
0
0
0
3
0
130
0
0
0
1
0
0
3
0
7
0
1129
0
0
0
3
1
0
4
0
0
0
39987
—classified as Normal, —classified as Reconnaissance, —classified as Backdoor, —classified as DoS, —classified as Exploits, —classified as Analysis, —classified as Fuzzers, —classified as Worms, —classified as Shellcode, and —classified as Generic.
