scholarly journals LNNLS-KH: A Feature Selection Method for Network Intrusion Detection

2021 ◽  
Vol 2021 ◽  
pp. 1-22
Author(s):  
Xin Li ◽  
Peng Yi ◽  
Wei Wei ◽  
Yiming Jiang ◽  
Le Tian
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Classification Accuracy ◽  
Nearest Neighbor ◽  
False Positive Rate ◽  
Optimal Solution ◽  
Network Intrusion Detection ◽  
Network Intrusion ◽  
Krill Herd ◽  
Positive Rate

As an important part of intrusion detection, feature selection plays a significant role in improving the performance of intrusion detection. Krill herd (KH) algorithm is an efficient swarm intelligence algorithm with excellent performance in data mining. To solve the problem of low efficiency and high false positive rate in intrusion detection caused by increasing high-dimensional data, an improved krill swarm algorithm based on linear nearest neighbor lasso step (LNNLS-KH) is proposed for feature selection of network intrusion detection. The number of selected features and classification accuracy are introduced into fitness evaluation function of LNNLS-KH algorithm, and the physical diffusion motion of the krill individuals is transformed by a nonlinear method. Meanwhile, the linear nearest neighbor lasso step optimization is performed on the updated krill herd position in order to derive the global optimal solution. Experiments show that the LNNLS-KH algorithm retains 7 features in NSL-KDD dataset and 10.2 features in CICIDS2017 dataset on average, which effectively eliminates redundant features while ensuring high detection accuracy. Compared with the CMPSO, ACO, KH, and IKH algorithms, it reduces features by 44%, 42.86%, 34.88%, and 24.32% in NSL-KDD dataset, and 57.85%, 52.34%, 27.14%, and 25% in CICIDS2017 dataset, respectively. The classification accuracy increased by 10.03% and 5.39%, and the detection rate increased by 8.63% and 5.45%. Time of intrusion detection decreased by 12.41% and 4.03% on average. Furthermore, LNNLS-KH algorithm quickly jumps out of the local optimal solution and shows good performance in the optimal fitness iteration curve, convergence speed, and false positive rate of detection.

scholarly journals A Feature Selection Model for Network Intrusion Detection System Based on PSO, GWO, FFA and GA Algorithms

Symmetry ◽  
2020 ◽  
Vol 12 (6) ◽  
pp. 1046 ◽  
Author(s):  
Omar Almomani
Keyword(s):  
Genetic Algorithm ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Selection Model ◽  
Network Intrusion Detection ◽  
Network Intrusion ◽  
Proposed Model ◽  
Positive Rate

The network intrusion detection system (NIDS) aims to identify virulent action in a network. It aims to do that through investigating the traffic network behavior. The approaches of data mining and machine learning (ML) are extensively used in the NIDS to discover anomalies. Regarding feature selection, it plays a significant role in improving the performance of NIDSs. That is because anomaly detection employs a great number of features that require much time. Therefore, the feature selection approach affects the time needed to investigate the traffic behavior and improve the accuracy level. The researcher of the present study aimed to propose a feature selection model for NIDSs. This model is based on the particle swarm optimization (PSO), grey wolf optimizer (GWO), firefly optimization (FFA) and genetic algorithm (GA). The proposed model aims at improving the performance of NIDSs. The proposed model deploys wrapper-based methods with the GA, PSO, GWO and FFA algorithms for selecting features using Anaconda Python Open Source, and deploys filtering-based methods for the mutual information (MI) of the GA, PSO, GWO and FFA algorithms that produced 13 sets of rules. The features derived from the proposed model are evaluated based on the support vector machine (SVM) and J48 ML classifiers and the UNSW-NB15 dataset. Based on the experiment, Rule 13 (R13) reduces the features into 30 features. Rule 12 (R12) reduces the features into 13 features. Rule 13 and Rule 12 offer the best results in terms of F-measure, accuracy and sensitivity. The genetic algorithm (GA) shows good results in terms of True Positive Rate (TPR) and False Negative Rate (FNR). As for Rules 11, 9 and 8, they show good results in terms of False Positive Rate (FPR), while PSO shows good results in terms of precision and True Negative Rate (TNR). It was found that the intrusion detection system with fewer features will increase accuracy. The proposed feature selection model for NIDS is rule-based pattern recognition to discover computer network attack which is in the scope of Symmetry journal.

scholarly journals A Combination Strategy of Feature Selection Based on an Integrated Optimization Algorithm and Weighted K-Nearest Neighbor to Improve the Performance of Network Intrusion Detection

Electronics ◽  
2020 ◽  
Vol 9 (8) ◽  
pp. 1206
Author(s):  
Hui Xu ◽  
Krzysztof Przystupa ◽  
Ce Fang ◽  
Andrzej Marciniak ◽  
Orest Kochan ◽  
...  
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Optimization Algorithm ◽  
Nearest Neighbor ◽  
Original Data ◽  
Network Intrusion Detection ◽  
K Nearest Neighbor ◽  
Combination Strategy ◽  
Integrated Optimization ◽  
Network Intrusion

With the widespread use of the Internet, network security issues have attracted more and more attention, and network intrusion detection has become one of the main security technologies. As for network intrusion detection, the original data source always has a high dimension and a large amount of data, which greatly influence the efficiency and the accuracy. Thus, both feature selection and the classifier then play a significant role in raising the performance of network intrusion detection. This paper takes the results of classification optimization of weighted K-nearest neighbor (KNN) with those of the feature selection algorithm into consideration, and proposes a combination strategy of feature selection based on an integrated optimization algorithm and weighted KNN, in order to improve the performance of network intrusion detection. Experimental results show that the weighted KNN can increase the efficiency at the expense of a small amount of the accuracy. Thus, the proposed combination strategy of feature selection based on an integrated optimization algorithm and weighted KNN can then improve both the efficiency and the accuracy of network intrusion detection.

scholarly journals Semi-supervised tri-Adaboost algorithm for network intrusion detection

2019 ◽  
Vol 15 (6) ◽  
pp. 155014771984605 ◽  
Author(s):  
Yali Yuan ◽  
Liuwei Huo ◽  
Yachao Yuan ◽  
Zhixiao Wang
Keyword(s):  
Intrusion Detection ◽  
Categorical Data ◽  
False Positive Rate ◽  
Training Dataset ◽  
Network Intrusion Detection ◽  
Chi Square ◽  
Adaboost Algorithm ◽  
Numerical Studies ◽  
Network Intrusion ◽  
Positive Rate

Network intrusion detection is a relatively mature research topic, but one that remains challenging particular as technologies and threat landscape evolve. Here, a semi-supervised tri-Adaboost (STA) algorithm is proposed. In the algorithm, three different Adaboost algorithms are used as the weak classifiers (both for continuous and categorical data), constituting the decision stumps in the tri-training method. In addition, the chi-square method is used to reduce the dimension of feature and improve computational efficiency. We then conduct extensive numerical studies using different training and testing samples in the KDDcup99 dataset and discover the flows demonstrated that (1) high accuracy can be obtained using a training dataset which consists of a small number of labeled and a large number of unlabeled samples. (2) The algorithm proposed is reproducible and consistent over different runs. (3) The proposed algorithm outperforms other existing learning algorithms, even with only a small amount of labeled data in the training phase. (4) The proposed algorithm has a short execution time and a low false positive rate, while providing a desirable detection rate.

Research of Wireless Sensor Network Intrusion Detection Based on Ant-Miner

2014 ◽  
Vol 989-994 ◽  
pp. 4832-4836
Author(s):  
Tao Liu ◽  
Shao Yu Liu ◽  
Dan Wei ◽  
Jie Cui
Keyword(s):  
Wireless Sensor Network ◽  
Intrusion Detection ◽  
Sensor Network ◽  
False Positive Rate ◽  
True Positive Rate ◽  
Wireless Sensor ◽  
Network Intrusion Detection ◽  
Detection Scheme ◽  
Network Intrusion ◽  
Positive Rate

In this paper, we propose an intrusion detection program based on improved Ant-Miner (AM). The proposal needs to collecting out the node data, using intrusion detection module to test, compared with other wireless sensor network intrusion detection scheme, this scheme saves energy consumption of the sensor node effectively. Through the network simulation, this scheme proposed has a lower false positive rate and a higher true positive rate comparing with the current typical wireless sensor network testing program.

scholarly journals Feature Selection Method based on Chaotic Salp Swarm Algorithm and Extreme Learning Machine for Network Intrusion Detection Systems

Webology ◽  
2021 ◽  
Vol 18 (Special Issue 04) ◽  
pp. 626-640
Author(s):  
Rana Nazhan Hadi ◽  
Dr. Rasha Orban Mahmoud ◽  
Dr. Adly S. Tag Eldien
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Extreme Learning Machine ◽  
Classification Accuracy ◽  
Intrusion Detection Systems ◽  
Network Intrusion Detection ◽  
Detection Systems ◽  
Network Intrusion ◽  
Network Intrusion Detection Systems ◽  
Learning Machine

Network Intrusion Detection Systems (IDSs) have been widely used to monitor and manage network connections and prevent unauthorized connections. Machine learning models have been utilized to classify the connections into normal connections or attack connections based on the users' behavior. One of the most common issues facing the IDSs is the detection system's low classification accuracy and high dimensionality in the feature selection process. However, the feature selection methods are usually used to decrease the datasets' redundancy and enhance the classification performance. In this paper, a Chaotic Salp Swarm Algorithm (CSSA) was integrated with the Extreme Learning Machine (ELM) classifier to select the most relevant subset of features and decrease the dimensionality of a dataset. Each Salp in the population was represented in a binary form, where 1 represented a selected feature, while 0 represented a removed feature. The proposed feature selection algorithm was evaluated based on NSL-KDD dataset, which consists of 41 features. The results were compared with others and have shown that the proposed algorithm succeeded in achieving classification accuracy up to 97.814% and minimized the number of selected features.

Network intrusion detection based on deep learning model optimized with rule-based hybrid feature selection

2020 ◽  
Vol 29 (6) ◽  
pp. 267-283
Author(s):  
Femi Emmanuel Ayo ◽  
Sakinat Oluwabukonla Folorunso ◽  
Adebayo A. Abayomi-Alli ◽  
Adebola Olayinka Adekunle ◽  
Joseph Bamidele Awotunde
Keyword(s):  
Feature Selection ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Learning Model ◽  
Network Intrusion Detection ◽  
Rule Based ◽  
Network Intrusion ◽  
Deep Learning Model
Sign in / Sign up

Export Citation Format

Share Document