Network Intrusion Rules Extraction Based on Rough Set and Niche Genetic Algorithm

The network intrusion detection system (NIDS) aims to identify virulent action in a network. It aims to do that through investigating the traffic network behavior. The approaches of data mining and machine learning (ML) are extensively used in the NIDS to discover anomalies. Regarding feature selection, it plays a significant role in improving the performance of NIDSs. That is because anomaly detection employs a great number of features that require much time. Therefore, the feature selection approach affects the time needed to investigate the traffic behavior and improve the accuracy level. The researcher of the present study aimed to propose a feature selection model for NIDSs. This model is based on the particle swarm optimization (PSO), grey wolf optimizer (GWO), firefly optimization (FFA) and genetic algorithm (GA). The proposed model aims at improving the performance of NIDSs. The proposed model deploys wrapper-based methods with the GA, PSO, GWO and FFA algorithms for selecting features using Anaconda Python Open Source, and deploys filtering-based methods for the mutual information (MI) of the GA, PSO, GWO and FFA algorithms that produced 13 sets of rules. The features derived from the proposed model are evaluated based on the support vector machine (SVM) and J48 ML classifiers and the UNSW-NB15 dataset. Based on the experiment, Rule 13 (R13) reduces the features into 30 features. Rule 12 (R12) reduces the features into 13 features. Rule 13 and Rule 12 offer the best results in terms of F-measure, accuracy and sensitivity. The genetic algorithm (GA) shows good results in terms of True Positive Rate (TPR) and False Negative Rate (FNR). As for Rules 11, 9 and 8, they show good results in terms of False Positive Rate (FPR), while PSO shows good results in terms of precision and True Negative Rate (TNR). It was found that the intrusion detection system with fewer features will increase accuracy. The proposed feature selection model for NIDS is rule-based pattern recognition to discover computer network attack which is in the scope of Symmetry journal.

Download Full-text

A Rule Based Classification for Vegetable Production Using Rough Set and Genetic Algorithm

International Journal of Fuzzy System Applications ◽

10.4018/ijfsa.2018010106 ◽

2018 ◽

Vol 7 (1) ◽

pp. 74-100 ◽

Cited By ~ 11

Author(s):

R. Rathi ◽

Debi Prasanna Acharjya

Keyword(s):

Genetic Algorithm ◽

Rough Set ◽

Vegetable Production ◽

Rule Based

Download Full-text

A Kind of Network Intrusion Detection Method Using Improved Support Vector Machine Based on Ant Colony Algorithm

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.263-266.2995 ◽

2012 ◽

Vol 263-266 ◽

pp. 2995-2998

Author(s):

Xiaoqin Zhang ◽

Guo Jun Jia

Keyword(s):

Genetic Algorithm ◽

Support Vector Machine ◽

Feature Extraction ◽

Ant Colony Algorithm ◽

Small Sample ◽

Ant Colony ◽

Support Vector ◽

Algorithm Selection ◽

Data Set ◽

Network Intrusion

Support vector machine (SVM) is suitable for the classification problem which is of small sample, nonlinear, high dimension. SVM in data preprocessing phase, often use genetic algorithm for feature extraction, although it can improve the accuracy of classification. But in feature extraction stage the weak directivity of genetic algorithm impact the time and accuracy of the classification. The ant colony algorithm is used in genetic algorithm selection stage, which is better for the data pretreatment, so as to improve the classification speed and accuracy. The experiment in the KDD99 data set shows that this method is feasible.

Download Full-text