A multi-objective evolutionary fuzzy system to obtain a broad and accurate set of solutions in intrusion detection systems

Elhag, Salma; Fernández, Alberto; Altalhi, Abdulrahman H.; Alshomrani, Saleh; Herrera, Francisco

doi:10.1007/s00500-017-2856-4

Cited by 51 publications

(19 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…More specifically, for each dataset, we provide the confusion matrix derived from the testing process of CFS-BA-Ensemble, and compare the performance of the proposed algorithm with no feature selection and some state-of-the-art methods in terms of several detection metrics, including Accuracy (Acc), precision, Detection Rate (DR), F-Measure, Attack Detection Rate (ADR), and False Alarm Rate (FAR). The mathematical calculations of the utilized evaluation metrics are explained in [25].…”

Section: Resultsmentioning

confidence: 99%

Building an efficient intrusion detection system based on feature selection and ensemble classifier

et al. 2020

View full text Add to dashboard Cite

A B S T R A C T Intrusion detection system (IDS) is one of extensively used techniques in a network topology to safeguard the integrity and availability of sensitive assets in the protected systems. Although many supervised and unsupervised learning approaches from the field of machine learning have been used to increase the efficacy of IDSs, it is still a problem for existing intrusion detection algorithms to achieve good performance. First, lots of redundant and irrelevant data in high-dimensional datasets interfere with the classification process of an IDS. Second, an individual classifier may not perform well in the detection of each type of attacks. Third, many models are built for stale datasets, making them less adaptable for novel attacks. Thus, we propose a new intrusion detection framework in this paper, and this framework is based on the feature selection and ensemble learning techniques. In the first step, a heuristic algorithm called CFS-BA is proposed for dimensionality reduction, which selects the optimal subset based on the correlation between features. Then, we introduce an ensemble approach that combines C4.5, Random Forest (RF), and Forest by Penalizing Attributes (Forest PA) algorithms. Finally, voting technique is used to combine the probability distributions of the base learners for attack recognition. The experimental results, using NSL-KDD, AWID, and CIC-IDS2017 datasets, reveal that the proposed CFS-BA-Ensemble method is able to exhibit better performance than other related and state of the art approaches under several metrics.

show abstract

Section: Resultsmentioning

confidence: 99%

Building an efficient intrusion detection system based on feature selection and ensemble classifier

et al. 2020

View full text Add to dashboard Cite

show abstract

“…In [106], Elhag et al combine a multi-objective evolutionary algorithm and fuzzy association rule learning to extract a more compact and informative rule set in comparison with other similar rule learning algorithms. The so-called multi-objective evolutionary fuzzy system can be trained using different performance metrics as objectives to adapt to user's requirement in accordance with detection trade-offs, and hence is better suited for its individual applications.…”

Section: Association Rule Learning Based Idsmentioning

confidence: 99%

A Review of Rule Learning-Based Intrusion Detection Systems and Their Prospects in Smart Grids

2021

View full text Add to dashboard Cite

Intrusion detection systems (IDS) are commonly categorized into misuse based, anomaly based and specification based IDS. Both misuse based IDS and anomaly based IDS are extensively researched in academia and industry. However, as critical infrastructures including smart grids (SG) may often face sophisticated unknown attacks in the near future, misuse based attack detection techniques will mostly miss their targets. Despite the fact that anomaly based IDS can detect novel attacks, they are not often deployed in industry, mainly owing to high false positive rate and lack of interpretability of trained models. With misuse based IDS' inability to detect unknown attacks and requirement for frequently manually crafting and updating signatures and with anomaly based IDS' bad reputation for high false alarm rate, specification based IDS can be regarded as the most suitable detection engine for cyber-physical systems (CPS) including SG. We argue that specification based IDS especially using rule learning could prove to be the most promising IDS for SG. Intrusion detection rules are learned through rule learning techniques and periodically automatically updated to accommodate dynamic system behaviors in SG. Fortunately, rule learning based IDS can not only detect previously unknown attacks but also achieve higher interpretability, due to symbolic representation of learned rules. It can thus be considered more "trustworthy" from human perspective and further assist human in the loop security operation. The present work provides a systematic and deep analysis of rule learning techniques and their suitability for IDS in SG. Besides, it concludes the most important criteria for learning intrusion detection rules and assessing their quality. This work serves not only as a guide to a number of important rule learning techniques but also as the first survey on their applications in IDS, which indicates their potential opportunities in SG security.

show abstract

“…K-Map is useful for distinction of the data but it is not supported for large volume of data. Support Vector Machine (SVM) [19][20][21][22][23] [ [25][26][27][28][29][30][31][32]: is beneficial for classification and reformation of data, but at the same time SVM only cannot powerfully in recognizing about new data. Given a set of trained-data-set which require more computational time for big-data [4,12].…”

Section: B Related Workmentioning

confidence: 99%

“…Fuzzy Logic based techniques found best in detection of intrusion for as compared to Data Mining, K-Map [21], MLP [25][26][27][28][29][30], Random Forest [25][26][27][28][29][30], SVM [32,33], Neural Network [31][32][33] and dimensionality reduction [35][36][37].…”

Section: B Related Workmentioning

confidence: 99%

Fuzzy Controlled Network Intrusion Detection System (FC-NIDS)

Kumar*,

Kumar

2019

IJITEE

View full text Add to dashboard Cite

 Abstract: Intrusion Detection System (IDS) is the nearly all imperative constituent of computer network security. IDSs are designed to comprehend intrusion attempts in incoming network traffic shrewdly. It deals with big volume of data containing immaterial and outmoded features, which lead to delay in training as well as testing procedures. Therefore, to minimize the false alarm and computation complexity, the features selection technique for intrusion detection has been implemented. In this paper PCA (Principal Component Analysis) and Fuzzy Inference System (FIS) have been used on kdd99 dataset to develop FC-NIDS model. PCA is used to select the attacked features to minimize the computational work, while FIS is used to develop a fuzzy inference system for accuracy in prophecy using MATLAB. The results of the experiment are tested on UCI data sets as a standard bench-mark. It has been found efficient for true prediction of intrusion as well as to reduce the false alarm rate. The proposed fuzzy logic controller IDS (FC-NIDS), is passable to covenant with signature and anomaly based attacks to get enhanced intrusion detection, decreases false alarm and to optimize complexity.

show abstract

A multi-objective evolutionary fuzzy system to obtain a broad and accurate set of solutions in intrusion detection systems

Cited by 51 publications

References 37 publications

Building an efficient intrusion detection system based on feature selection and ensemble classifier

Building an efficient intrusion detection system based on feature selection and ensemble classifier

A Review of Rule Learning-Based Intrusion Detection Systems and Their Prospects in Smart Grids

Fuzzy Controlled Network Intrusion Detection System (FC-NIDS)

Contact Info

Product

Resources

About