An Intrusion Detection System for Network Cyber Security Using Hybrid Feature Selection Algorithms
Subject Areas : Neural networks and deep learningGolnaz Aghaee Ghazvini 1 , zahra Oday Kamil 2
1 - Department of Computer Engineering, Dolatabad Branch, Islamic Azad University, Dolatabad, Isfahan, Iran
2 - 1Department of Computer engineering, Isfahan (Khorasgan) Branch, Islamic Azad University, Isfahan, Iran
Keywords: intrusion detection, Minimum Redundancy Maximum Relevance, Gray Wolf Optimization, Support Vector Machines,
Abstract :
One of the most important challenges of the expansion of the Internet and virtual space is cyber-attacks. These attacks are becoming new every day and it is becoming more difficult to deal with them. As a result, methods should be used to detect them, which can detect all types of cyber-attacks in the shortest possible time and with proper accuracy. Nowadays, machine learning methods are usually used to detect cyber-attacks. But since the data related to cyber-attacks have many characteristics and are kind of bulky data, as a result, the accuracy of conventional machine learning methods to detect them is usually low. In this research, we have used a hybrid feature selection method to select optimal features from the database related to cyber-attacks, which increases the accuracy of attack detection by classification models. In the proposed feature selection method, first the features that have the least redundancy with each other and at the same time are most related to the category variables (labels) are selected by the MRMR algorithm. Then, using a wrapper feature selection method based on the gray wolf optimization (GWO) algorithm to select a subset of the features selected from the previous step, which maximizes the accuracy of the SVM classifier model, is used this subset has optimal features by which the SVM model is trained. As a result, the accuracy of detecting cyber-attacks by the SVM model increases. According to the simulation results, the average accuracy of the proposed method for detecting cyber-attacks is 99.84%, which has improved compared to the intrusion detection methods of the reference article.
[1] Folorunso, O., O.O. Akande, A.O. Ogunde and O.R. Vincent 2010. ID-SOMGA: A self organising migrating genetic algorithm-based solution for intrusion detection. Comput. Inform. Sci., 3: 80-92
. [2] Trair, D., W. Ma, D. Sharma and T. Nguyen, 2007. Fuzzy vector quantization for network intrusion detection. Proceedings of the IEEE International Conference on Granular Computing, Nov. 2-4, IEEE Xplore Press, Fremont, CA., pp: 566-566. DOI: 10.1109/GrC.2007.124
[3] Lazarevic, A., L. Ertoz, V. Kumar, A. Ozgur and J. Srivastava, 2003. A comparative study of anomaly detection schemes in network intrusion detection. Proceedings of the 3rd SIAM International Conference on Data Mining, (CDM’ 03), SIAM.
[4] Chen, Y., Y. Li, X.Q. Cheng and L. Guo, 2006. Survey and Taxonomy of Feature Selection Algorithms in Intrusion Detection System. Proceedings of the 2nd SKLOIS conference on Information Security and Cryptology, Nov. 29-Dec. 1, Springer Berlin Heidelberg, Beijing, China, pp: 153-167.
[5] D. E. Denning, “An intrusion detection model,” IEEE Transactions on Software Engineering, vol. 13, no. 2, pp. 222-232, 1987.
[6] W. Gongxing and H. Yimin, “Design of a new intrusion detection system based on database,” in Proc. 2009 International Conference on Signal Processing Systems, 2009, pp. 814-817
. [7] A. K. Saxena, S. Sinha, and P. Shukla, “General study of intrusion detection system and survey of agent-based intrusion detection system,” in Proc. 2017 International Conference on Computing, Communication and Automation (ICCCA), 2017, pp. 421-471
. [8]
S. Northcutt and J. Novak, “Network intrusion detection,” IEEE Network, vol. 8, no. 3, pp. 26-41, 2003. [9] L. Haripriya and M. A. Jabbar, “Role of machine learning in intrusion detection system: Review,” in Proc. 2018 Second International Conference on Electronics, Communication and Aerospace Technology (ICECA), 2018, pp. 925-929
. [10] M. B. Subba, S. Biswas, and S. Karmakar, “A neural network-based system for intrusion detection and attack classification,” in Proc. 2016 Twenty Second National Conference on Communication (NCC), 2016, pp. 1-6
. [11] P. S. Tang, X. L. Tang, and Z. Y. Tao, “Research on feature selection algorithm based on mutual information and genetic algorithm,” in Proc. 2014 11th International Computer Conference on Wavelet Active Media Technology and Information Processing, 2014#. [12]
S. Aksoy, “Feature reduction and selection,” Department of Computer Engineering, Bilkent University, 2008. [13] B. Kavitha, S. Karthikeyan, and B. Chitra, “Efficient intrusion detection with reduced dimension using data mining classification methods and their performance comparison,” in Proc. International Conference on Business Administration and Information Processing, 2010, pp. 96-101
. [14] K. S. Desale and R. Ade, “Genetic algorithm-based feature selection approach for effective intrusion detection system,” in Proc. 2015 International Conference on Computer Communication and Informatics (ICCCI), 2015, pp. 1-6
.