Performance Comparison of Support Vector Machine, Random Forest, and Extreme Learning Machine for Intrusion Detection

I. Ahmad, Department of Information Technology, Faculty of Computing and information Technology, King Abdulaziz University, Jeddah, Saudi Arabia
M. Basheri, Department of Information Technology, Faculty of Computing and information Technology, King Abdulaziz University, Jeddah, Saudi Arabia
M.J. Iqbal, Department of Computer Science, University of Engineering and Technology Taxila, Pakistan;
A. Raheem, School of Computing, Technological University Dublin, Dublin, Ireland

Document Type Article

May 2018 IEEE Access PP(99):1-1 DOI: 10.1109/ACCESS.2018.2841987

Abstract

Intrusion detection is a fundamental part of security tools, such as adaptive security appliances, intrusion detection systems, intrusion prevention systems and firewalls. Various intrusion detection techniques are used, but their performance is an issue. Intrusion detection performance depends on accuracy, which needs to improve to decrease false alarms and to increase the detection rate. To resolve concerns on performance, multilayer perceptron, support vector machine (SVM), and other techniques have been used in recent work. Such techniques indicate limitations and are not efficient for use in large datasets, such as system and network data. The intrusion detection system is used in analyzing huge traffic data; thus, an efficient classification technique is necessary to overcome the issue. This problem is considered in this paper. Well-known machine learning techniques, namely, SVM, random forest, and extreme learning machine are applied. These techniques are well-known because of their capability in classification. The NSL–knowledge discovery and data mining dataset is used, which is considered a benchmark in the evaluation of intrusion detection mechanisms. The results indicate that ELM outperforms other approaches.