Detection of Abnormal Network Traffic by Machine Learning Methods

With the growth of computer networks and developed applications, it is expected that the damage caused by the network attacks will increase significantly. Intrusion Detection Systems (IDS) is one of the most important defense tools in avoiding growing network attacks. Intrusion Detection Systems are trained with the machine learning algorithms and after the training, it is aimed to detect the attacks in real time and to take the necessary measures. In this study, it is aimed to classify normal and abnormal packages flowing in computer networks using decision tree and random forest methods. The classification methods use 78 variables which are extracted from the PCAP file where the network traffic is recorded. When the results are examined, it is seen that the proposed method classifies more than one million records with close to 100% success and is effective in detecting abnormal traffic