In this work, an Intrusion Detection System that detects anomalies in network system entries is presented. It is based on Machine Learning models and is composed of two components. The first component detects known anomalies with an accuracy beyond 95%. This component uses supervised models, and several algorithms can be applied. In the use case analysed here, the algorithm that best fits the model is Random Forests. The second component detects unknown anomalies and benign entries, and it is based on unsupervised models. In this use case, the unsupervised One-Class Support Vector Machines algorithm has been applied. This component has an accuracy of 80% in detecting unknown anomalies.
Key challenges in global cybersecurity: Efforts and trends in EU (KCYEU-2022) co-located with DRCN 2022