scholarly journals Effects of Feature Selection and Normalization on Network Intrusion Detection

2020 ◽  
Author(s):  
Mubarak Albarka Umar ◽  
Chen Zhanfang
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Computational Time ◽  
Network Intrusion Detection ◽  
Detection Systems ◽  
Defense Systems ◽  
Network Intrusion ◽  
Depth Analysis ◽  
Negative Impacts

<div><br></div><div><p> The rapid rise of cyberattacks and the gradual failing of traditional defense systems and approaches led to the use of Machine Learning (ML) techniques aiming to build more efficient and reliable Intrusion Detection Systems (IDSs). However, the advent of larger IDS datasets brought about negative impacts on the performance and computational time of ML-based IDSs. To overcome such issues, many researchers utilized data preprocessing techniques such as feature selection and normalization. While most of these researchers reported the success of these preprocessing techniques on a shallow level, very few studies are performed on their effects on a wider scale. Furthermore, the performance of an IDS model is subject to not only the preprocessing techniques used but also the dataset and the ML algorithm used, which most of the existing studies on preprocessing techniques give little emphasis on. Thus, this study provides an in-depth analysis of the effects of feature selection and normalization on various IDS models built using four separate IDS datasets and five different ML algorithms. Wrapper-based decision tree and min-max are used in feature selection and normalization respectively. The models are evaluated and compared using popular evaluation metrics in IDS. The study found normalization to be more important than feature selection in improving performance and computational time of models on both datasets, while feature selection on UNSW-NB15 failed to reduce models computational time, and in the case of models built using NSL-KDD, it decreases their performance. The study also reveals that, compared to the UNSW-NB15 dataset, the NSL-KDD dataset is less complex and unsuitable for building reliable modern-day IDS models. Furthermore, the best performance on both datasets is achieved by Random Forest with accuracy of 99.75% and 98.51% on NSL-KDD and UNSW-NB15 respectively. </p></div>

scholarly journals Effects of Feature Selection and Normalization on Network Intrusion Detection

2020 ◽  
Author(s):  
Mubarak Albarka Umar ◽  
Chen Zhanfang
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Computational Time ◽  
Network Intrusion Detection ◽  
Detection Systems ◽  
Defense Systems ◽  
Network Intrusion ◽  
Depth Analysis ◽  
Negative Impacts

<div><br></div><div><p> The rapid rise of cyberattacks and the gradual failing of traditional defense systems and approaches led to the use of Machine Learning (ML) techniques aiming to build more efficient and reliable Intrusion Detection Systems (IDSs). However, the advent of larger IDS datasets brought about negative impacts on the performance and computational time of ML-based IDSs. To overcome such issues, many researchers utilized data preprocessing techniques such as feature selection and normalization. While most of these researchers reported the success of these preprocessing techniques on a shallow level, very few studies are performed on their effects on a wider scale. Furthermore, the performance of an IDS model is subject to not only the preprocessing techniques used but also the dataset and the ML algorithm used, which most of the existing studies on preprocessing techniques give little emphasis on. Thus, this study provides an in-depth analysis of the effects of feature selection and normalization on various IDS models built using four separate IDS datasets and five different ML algorithms. Wrapper-based decision tree and min-max are used in feature selection and normalization respectively. The models are evaluated and compared using popular evaluation metrics in IDS. The study found normalization to be more important than feature selection in improving performance and computational time of models on both datasets, while feature selection on UNSW-NB15 failed to reduce models computational time, and in the case of models built using NSL-KDD, it decreases their performance. The study also reveals that, compared to the UNSW-NB15 dataset, the NSL-KDD dataset is less complex and unsuitable for building reliable modern-day IDS models. Furthermore, the best performance on both datasets is achieved by Random Forest with accuracy of 99.75% and 98.51% on NSL-KDD and UNSW-NB15 respectively. </p></div>

scholarly journals Effects of Feature Selection and Normalization on Network Intrusion Detection

2020 ◽  
Author(s):  
Mubarak Albarka Umar ◽  
Chen Zhanfang
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Computational Time ◽  
Network Intrusion Detection ◽  
Detection Systems ◽  
Defense Systems ◽  
Network Intrusion ◽  
Depth Analysis ◽  
Negative Impacts

<div><br></div><div><p> The rapid rise of cyberattacks and the gradual failing of traditional defense systems and approaches led to the use of Machine Learning (ML) techniques aiming to build more efficient and reliable Intrusion Detection Systems (IDSs). However, the advent of larger IDS datasets brought about negative impacts on the performance and computational time of ML-based IDSs. To overcome such issues, many researchers utilized data preprocessing techniques such as feature selection and normalization. While most of these researchers reported the success of these preprocessing techniques on a shallow level, very few studies are performed on their effects on a wider scale. Furthermore, the performance of an IDS model is subject to not only the preprocessing techniques used but also the dataset and the ML algorithm used, which most of the existing studies on preprocessing techniques give little emphasis on. Thus, this study provides an in-depth analysis of the effects of feature selection and normalization on various IDS models built using four separate IDS datasets and five different ML algorithms. Wrapper-based decision tree and min-max are used in feature selection and normalization respectively. The models are evaluated and compared using popular evaluation metrics in IDS. The study found normalization to be more important than feature selection in improving performance and computational time of models on both datasets, while feature selection on UNSW-NB15 failed to reduce models computational time, and in the case of models built using NSL-KDD, it decreases their performance. The study also reveals that, compared to the UNSW-NB15 dataset, the NSL-KDD dataset is less complex and unsuitable for building reliable modern-day IDS models. Furthermore, the best performance on both datasets is achieved by Random Forest with accuracy of 99.75% and 98.51% on NSL-KDD and UNSW-NB15 respectively. </p></div>

scholarly journals Feature Selection Method based on Chaotic Salp Swarm Algorithm and Extreme Learning Machine for Network Intrusion Detection Systems

Webology ◽  
2021 ◽  
Vol 18 (Special Issue 04) ◽  
pp. 626-640
Author(s):  
Rana Nazhan Hadi ◽  
Dr. Rasha Orban Mahmoud ◽  
Dr. Adly S. Tag Eldien
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Extreme Learning Machine ◽  
Classification Accuracy ◽  
Intrusion Detection Systems ◽  
Network Intrusion Detection ◽  
Detection Systems ◽  
Network Intrusion ◽  
Network Intrusion Detection Systems ◽  
Learning Machine

Network Intrusion Detection Systems (IDSs) have been widely used to monitor and manage network connections and prevent unauthorized connections. Machine learning models have been utilized to classify the connections into normal connections or attack connections based on the users' behavior. One of the most common issues facing the IDSs is the detection system's low classification accuracy and high dimensionality in the feature selection process. However, the feature selection methods are usually used to decrease the datasets' redundancy and enhance the classification performance. In this paper, a Chaotic Salp Swarm Algorithm (CSSA) was integrated with the Extreme Learning Machine (ELM) classifier to select the most relevant subset of features and decrease the dimensionality of a dataset. Each Salp in the population was represented in a binary form, where 1 represented a selected feature, while 0 represented a removed feature. The proposed feature selection algorithm was evaluated based on NSL-KDD dataset, which consists of 41 features. The results were compared with others and have shown that the proposed algorithm succeeded in achieving classification accuracy up to 97.814% and minimized the number of selected features.

Sign in / Sign up

Export Citation Format

Share Document