Network intrusion detection sysytem using K-means Clustering and gradient boosted tree classifier

Network intrusion detection is an important and dynamic research area because the internet is always subjected to an ever increasing number of security threats. As the type of attacks appearing is continuously changing, there is a need for developing adaptive and flexible security features. This is where anomaly-based network intrusion detection techniques are important to protect the network against malicious activities. In literature, many such intrusion detection systems have been proposed till date. In this paper, a hybrid model for intrusion detection by performing K-means clustering to form cluster models of the dataset and input it to the Gradient Boosted Tree classifier has been proposed. In order to evaluate the performance metrics the NSL-KDD dataset was used. The proposed model showed improved results having high detection rate of 99.3% and low false alarm rate of 0.19%.