Feature Selection Improves Tree-based Classification for Wireless Intrusion Detection

Bhandari, Shilpa; Kukreja, Avinash K.; Lazar, Alina; Sim, Alex; Wu, Kesheng

doi:10.1145/3391812.3396274

Cited by 20 publications

(14 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authors in [5] perform feature selection as a first step for tree-based classification of normal and malicious wireless traffic. Initially, they removed features that have zero values for at least 99% of the instances.…”

Section: Related Workmentioning

confidence: 99%

“…Additionally, some contributions mention evaluation metric scores that seem questionable. For instance, each one of the works in [5,9,13,12] presents an almost equal Precision, Recall, F1, and Accuracy scores. Based on these results, it can be assumed that these works most probably employ a balanced dataset, and indeed this is the case with [5].…”

Section: E Comparison With Previous Workmentioning

confidence: 99%

“…For instance, each one of the works in [5,9,13,12] presents an almost equal Precision, Recall, F1, and Accuracy scores. Based on these results, it can be assumed that these works most probably employ a balanced dataset, and indeed this is the case with [5]. Nevertheless, in real-world scenarios, the wireless traffic will be, in all likelihood, imbalanced.…”

Section: E Comparison With Previous Workmentioning

confidence: 99%

“…However, they never received wide adoption or the development of some of them has been abandoned. On the other hand, a critical mass of works [4,5,6] deals with the application of Machine Learning (ML) techniques for the development of misuse detection tools that are optimized for the detection of attacks in 802.11 wireless networks.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Pick Quality Over Quantity: Expert Feature Selection and Data Preprocessing for 802.11 Intrusion Detection Systems

et al. 2022

View full text Add to dashboard Cite

Wi-Fi is arguably the most proliferated wireless technology today. Due to its massive adoption, Wi-Fi deployments always remain in the epicenter of attackers and evildoers. Surprisingly, research regarding machine learning driven intrusion detection systems (IDS) that are specifically optimized to detect Wi-Fi attacks is lagging behind. On top of that, the field is dominated by false or half-true assumptions that potentially can lead to corresponding models being overfilled to certain validation datasets, simply giving the impression or illusion of high efficiency. This work attempts to provide concrete answers to the following key questions regarding IEEE 802.11 machine learning driven IDS. First, from an expert's viewpoint and with reference to the relevant literature, what are the criteria for determining the smallest possible set of classification features, which are also common and potentially transferable to virtually any deployment types/versions of 802.11? And second, based on these features, what is the detection performance across different network versions and diverse machine learning techniques, i.e., shallow versus deep learning ones? To answer these questions, we rely on the renowned 802.11 security-oriented AWID family of datasets. In a nutshell, our experiments demonstrate that with a rather small set of 16 features and without the use of any optimization or ensemble method, shallow and deep learning classification can achieve an average F1 score of up to 99.55% and 97.55%, respectively. We argue that the suggested human expert driven feature selection leads to lightweight, deployment-agnostic detection systems, and therefore can be used as a basis for future work in this interesting and rapidly evolving field.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: E Comparison With Previous Workmentioning

confidence: 99%

Section: E Comparison With Previous Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Pick Quality Over Quantity: Expert Feature Selection and Data Preprocessing for 802.11 Intrusion Detection Systems

et al. 2022

View full text Add to dashboard Cite

show abstract

“…Using the same AWID dataset, Bhandari et al [1] showed that by selecting a subset of important features of size 10% of the initial set, the training time can be reduced by 4x, while improving the discriminating ability to identify attack instances. This study employed the SHAP method for feature selection and concluded that by selecting a small subset of the most important features, the algorithm is able to important patterns to discriminate between the "attack" instances and the "normal" instances.…”

Section: Introductionmentioning

confidence: 99%

GPU-based Classification for Wireless Intrusion Detection

Lazar

Sim

2020

Proceedings of the 2021 on Systems and Network Telemetry and Analytics

Self Cite

View full text Add to dashboard Cite

Automated network intrusion detection systems (NIDS) continuously monitor the network traffic to detect attacks or/and anomalies. These systems need to be able to detect attacks and alert network engineers in real-time. Therefore, modern NIDS are built using complex machine learning algorithms that require large training datasets and are time-consuming to train. The proposed work shows that machine learning algorithms from the RAPIDS cuML library on Graphics Processing Units (GPUs) can speed-up the training process on large scale datasets. This approach is able to reduce the training time while providing high accuracy and performance. We demonstrate the proposed approach on a large subset of data extracted from the Aegean Wi-Fi Intrusion Dataset (AWID). Multiple classification experiments were performed on both CPU and GPU. We achieve up to 65x acceleration of training several machine learning methods by moving most of the pipeline computations to the GPU and leveraging the new cuML library as well as the GPU version of the CatBoost library. CCS CONCEPTS• Security and privacy → Intrusion detection systems; • Networks → Network security; • Computing methodologies → Ensemble methods.

show abstract

Designing a feature selection method based on explainable artificial intelligence

et al. 2022

View full text Add to dashboard Cite

Nowadays, artificial intelligence (AI) systems make predictions in numerous high stakes domains, including credit-risk assessment and medical diagnostics. Consequently, AI systems increasingly affect humans, yet many state-of-the-art systems lack transparency and thus, deny the individual’s “right to explanation”. As a remedy, researchers and practitioners have developed explainable AI, which provides reasoning on how AI systems infer individual predictions. However, with recent legal initiatives demanding comprehensive explainability throughout the (development of an) AI system, we argue that the pre-processing stage has been unjustifiably neglected and should receive greater attention in current efforts to establish explainability. In this paper, we focus on introducing explainability to an integral part of the pre-processing stage: feature selection. Specifically, we build upon design science research to develop a design framework for explainable feature selection. We instantiate the design framework in a running software artifact and evaluate it in two focus group sessions. Our artifact helps organizations to persuasively justify feature selection to stakeholders and, thus, comply with upcoming AI legislation. We further provide researchers and practitioners with a design framework consisting of meta-requirements and design principles for explainable feature selection.

show abstract

Feature Selection Improves Tree-based Classification for Wireless Intrusion Detection

Cited by 20 publications

References 27 publications

Pick Quality Over Quantity: Expert Feature Selection and Data Preprocessing for 802.11 Intrusion Detection Systems

Pick Quality Over Quantity: Expert Feature Selection and Data Preprocessing for 802.11 Intrusion Detection Systems

GPU-based Classification for Wireless Intrusion Detection

Designing a feature selection method based on explainable artificial intelligence

Contact Info

Product

Resources

About