Enhancing the Performance of an Intrusion Detection System Through Multi-Linear Dimensionality Reduction and Multi-Class SVM

Accurate intrusion detection is necessary to preserve network security. However, developing efficient intrusion detection system is a complex problem due to the nonlinear nature of the intrusion attempts, the unpredictable behaviour of network traffic, and the large number features in the problem space. Hence, selecting the most effective and discriminating feature is highly important. Additionally, eliminating irrelevant features can improve the detection accuracy as well as reduce the learning time of machine learning algorithms. However, feature reduction is an NPhard problem. Therefore, several metaheuristics have been employed to determine the most effective feature subset within reasonable time. In this paper, two intrusion detection models are built based on a modified version of the firefly algorithm to achieve the feature selection task. The first and, the second models have been used for binary and multiclass classification, respectively. The modified firefly algorithm employed a mutation operation to avoid trapping into local optima through enhancing the exploration capabilities of the original firefly. The significance of the selected features is evaluated using a Naïve Bayes classifier over a benchmark standard dataset, which contains different types of attacks. The obtained results revealed the superiority of the modified firefly algorithm against the original firefly algorithm in terms of the classification accuracy and the number of selected features under different scenarios. Additionally, the results assured the superiority of the proposed intrusion detection system against other recently proposed systems in both binary classification and multi-classification scenarios. The proposed system has 96.51% and 96.942% detection accuracy in binary classification and multi-classification, respectively. Moreover, the proposed system reduced the number of attributes from 41 to 9 for binary classification and to 10 for multi-classification.

Section: Performance Metrics and Experimental Resultsmentioning

confidence: 99%

Section: Performance Metrics and Experimental Resultsmentioning

confidence: 99%

See 1 more Smart Citation

Feature Selection Models Based on Hybrid Firefly Algorithm with Mutation Operator for Network Intrusion Detection

Alwan¹,

AbuEl-Atta²,

Zayed³

2021

“…Kumar et al [19] also propose a multi-class SVM to detect intrusion. They use a multi-linear dimensionality reduction (MLDR) method to reduce the dimensionality of the dataset.…”

Section: Related Workmentioning

confidence: 99%

Increasing Accuracy and Completeness of Intrusion Detection Model Using Fusion of Normalization, Feature Selection Method and Support Vector Machine

Setiawan¹,

Djanali²,

Ahmad³

2019

Detecting intrusion in network traffic has remained a problem for years. Development in the field of machine learning provides an opportunity for researchers to detect network intrusion without using a database signature. Accuracy and completeness are two critical aspects in determining the performance of an intrusion detection system. The amount of unbalanced training data on each type of attack causes the system to have high accuracy, but it is difficult to detect all kinds of attacks. So, it does not meet the completeness aspect. In this paper, we propose an intrusion detection model using a combination of the modified rank-based information gain feature selection method, log normalization, and Support Vector Machine with parameter optimization. Overall accuracy achieved using 17 features from NSLKDD dataset is 99.8%, while the false alarm rate is 0.2%. The completeness aspect can be achieved, and the detection accuracy of the minority class can be increased.

“…In [9] the authors propose a Multi-class SVM (Support Vector Machine) to detect intrusions along with Multi-Linear Dimensionality Reduction (ML-DR) process to reduce the feature dimensions there by reducing the training time.…”

Section: Related Workmentioning

confidence: 99%

An Intrusion Detection System for Network Security Situational Awareness Using Conditional Random Fields

Mahendiran¹,

Appusamy²

2018

The huge proliferation of cyber economy, social media usage and online transactions has resulted in large volumes of data in the cyber space. This has led to an increase in concern over the security of confidential data in the cyber space. Network security situational awareness systems helps in effectively monitoring a network for suspicious activities and thwarting any attacks on the information stored in the network. In this paper, an intrusion detection system for network security situational awareness using conditional random field has been proposed. Conditional random fields being conditional models are capable of modeling inter relationships between the observed features. This results in greater accuracy in classification. Conditional random field's complexity increases with the number of features in the observation. To reduce this complexity, a feature selection method using oneR algorithm has been proposed. The ability of oneR algorithm to find the best attribute that result in optimal classification has been used for ranking the features in the observation. The proposed system was trained and tested using the bench mark NSL-KDD dataset. The proposed system on experimentation, exhibited higher accuracy (98%) in identifying an attack in general and also showed better performance (>93%) in identifying individual attack categories specifically.