research-article

A novel combinatorial optimization based feature selection method for network intrusion detection

Authors:

Anjum Nazir,

Rizwan Ahmed KhanAuthors Info & Claims

Volume 102, Issue C

https://doi.org/10.1016/j.cose.2020.102164

Published: 01 March 2021 Publication History

Abstract

The advancements in communication technologies and ubiquitous accessibility to a wide array of services has opened many challenges. Growing numbers of cyberattacks show that current security solutions and technologies do not provide effective safeguard against modern attacks. Intrusion is one of the main issue that has gone viral and can compromise the security of a network of any size. Intrusion Detection / Prevention Systems (IDS / IPS) are used to monitor, inspect and possibly block attacks. However, traditional intrusion detection techniques like signature or anomaly (network behavior) based approaches are prone to many weaknesses. Advancements in machine learning algorithms, data mining and soft computing techniques have shown potential to be used in IDS. All of these technologies, specially machine learning algorithms have to deal with the issue of high dimensionality of data /network traffic data as high dimensional data makes data sparse in hyper-space which restricts different algorithms scaling and generalization capabilities. Secondly, the problem magnitude also grows exponentially when IDS needs to make decision in a real time environment. One of the solution is to tackle this issue is to use feature selection techniques to reduce dimensionality of data. Feature selection is a process of selecting the optimal subset of features from a large feature-set to improve classification accuracy, performance and cost of extracting features. In this paper, we proposed a wrapper-based feature selection method called ’Tabu Search - Random Forest (TS-RF)’. Tabu search is used as a search method while random forest is used as a learning algorithm for Network Intrusion Detection Systems (NIDS). The proposed model is tested on the UNSW-NB15 dataset. The obtained results compared with other feature selection approaches. Results show that TS-RF improves classification accuracy while reducing number of features and false positive rate simultaneously.

References

[1]

M. Al-Zewairi, S. Almajali, A. Awajan, Experimental Evaluation of a Multi-layer Feed-forward Artificial Neural Network Classifier for Network Intrusion Detection System, 2017 International Conference on New Trends in Computing Sciences (ICTCS), IEEE, 2017, pp. 167–172.

Abstract

References

Cited By

Index Terms

Recommendations

Network Intrusion Detection Using Wrapper-based Decision Tree for Feature Selection

Network Intrusion Detection: Automated and Manual Methods Prone to Attack and Evasion

Syntax vs. semantics: competing approaches to dynamic network intrusion detection

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations