Evaluation of Diagonal Confidence-Weighted Learning on the KDD Cup 1999 Dataset for Network Intrusion Detection Systems

Abstract

In this study, I evaluate the performance of diagonal Confidence-Weighted (CW) online linear classification on the KDD Cup 1999 dataset for network intrusion detection systems (NIDS). This is a compatible relationship due to the large number of instances in NIDS datasets, as well as the constantly changing feature distributions. CW learning achieves approximately 92% accuracy on the KDD dataset when optimized, which is higher than both Perceptron and the Passive-Aggressive algorithm. CW learning also achieves faster convergence rates than both of these algorithms. Moreover, the accuracy of CW learning on the KDD dataset is comparable to several batch-learning algorithms. This challenges the assumption that batch learning should always be used when feasible. Due to shortcomings of the KDD dataset, a full generalization of CW learning to additional NIDS environments cannot yet be made. Nonetheless, this study shows that there is great promise to applying CW learning to future NIDS research.