As part of university's final year project six classifiers were tested on Bot-IoT dataset (https://research.unsw.edu.au/projects/bot-iot-dataset):
- K-Nearest Neighbours (KNN)
- Gradient Boosing Machine (GBM)
- Random Forest (RF)
- Support Vector Machine (SVM)
- Adaboost
- Artificial Neural Networks (ANN), specifically Multi-Layer Perceptron (MLP)
This dataset comprises of realistic attack traffic, including DoS & DDoS, port scanning, OS fingerprinting, keylogging, and data exfiltration.
The Bot-IoT dataset is also imbalanced, hence, to increase the size of minority classes and to increase the overall efficiency of IDS, a method called Synthetic Minority Oversampling Technique (SMOTE) is employed. The results obtained through evaluation of binary and multi-class classifiers demonstrate a high classification accuracy. Using RF, it was possible to achieve 99.99% and 98.80% accuracy on the binary and multi-class classifications, respectively.