Use the ensemble methods when detecting DoS attacks in Network Intrusion Detection Systems

Building a good IDS model from a certain dataset is one of the main tasks in machine learning. Trainingmultiple classifiers at the same time to solve the same problem and then combining their outputs to improveclassification quality, called ensemble method. This paper analyzes and evaluates the performance of usingknown ensemble techniques such as Bagging, AdaBoost, Stacking, Decorate, Random Forest and Voting to detect DoS attacks on UNSW-NB15 dataset, created by the Australian Cyber Security Center 2015. The experimental results show that the Stacking technique with heterogeneous classifiers for the best classification quality with F − Measure is 99.28% compared to 98.61%, which is the best result are obtained by using single classifiers and 99.02% by using the Random Forest technique.