Comparison of Machine Learning Algorithms trained under Differential Privacy for Intrusion Detection Systems

Intrusion Detection Systems (IDS) are valuable tools for the proper identification and the timely response to potential security threats in a network, using traffic analysis and anomalous activities detection. Traditional IDS rely on rule-based or signature-based methods to detect known cyber attacks, but these methods often fail to detect novel ones. There has been a growing interest recently, in using Machine Learning (ML) algorithms to enhance the detection capabilities of IDS. As a downturn, the datasets used by ML algorithms for IDS applications refers to network logs which may contain sensitive information, resulting in privacy threats. To address this issue, Differential Privacy (DP) can be used to preserve the privacy of network logs, while still allowing the ML algorithm to extract useful information from the data. In this work we test the performance of four popular ML classifiers (Gaussian Naive Bayes, Logistic Regression, Support Vector Machines, Random Forest Classifier) in the CIC-IDS2017 dataset when a DP mechanism is added to each algorithm in comparison with the classical non-DP setting.