Abstract:
With the increasing development and use of the internet, cyber-attacks have evolved
and more novel attacks with devastating effects are witnessed. The existing Intrusion
Detection System (IDS) has not achieved maximum performance due to high false
positives and low detection rates which causes low detection accuracies. The aim of
the study was to determine the effectiveness of IDS by using the Asynchronous
Advantage Actor-Critic (A3C) algorithm to address the current shortcomings. The
objectives of the study were: To determine the effectiveness of using the
Asynchronous Advantage Actor-Critic algorithm in anomaly detection; To develop an
Intrusion Detection System model, based on Asynchronous Advantage Actor-Critic
(A3C) Algorithm; To evaluate the performance of the model developed. The
theoretical framework adopted was informed by Computational Learning and
Machine Learning theories. The study used a quantitative research approach and
experimental research design. The secondary data used for evaluation in this study
was the University of New South Wales Network Based 2015 (UNSW-NB15) dataset
which was purposively selected as it is a well-established benchmark network
intrusion simulation dataset. The dataset contained the UNSW-NB15_TRAIN and
UNSW-NB15_TEST sets which were selected and utilized in the study. The records
selected were 175,341 records to form the training subset and 82,332 records for the
testing subset among the original 2,218,761 records. The UNSW-NB15 dataset was
preprocessed to ensure quality results and all features of the dataset were used in the
experiment. The method employed in analysis for this study was by using predictive
analytics where the model’s prediction ability was evaluated and hence the
performance rated. The results of this study showed that the capabilities of the A3C
algorithm in intrusion detection could perform better as seen in other fields like
robotics in automation. From the experiment, the model achieved an accuracy of
93.8%, precision of 92.2% and recall of 95.7% with the compute resource use being
average. The experiments showed that the agents quickly learned the optimal policy
and maintains the policy until the end of the experiment. The study concludes by
pointing out that with the accuracy attained, the learning capabilities of the model can
still be increased by fine-tuning it so that it discovers new policies quickly as this is
essential to attaining a higher accuracy rate. A recommendation made based on the
study was that A3C can be adopted in intrusion detection because of the accuracy of
detection and low resource consumption. More research can be done on the adoption
of A3C in IDSs by using more training data as this could further improve the model
performance.