A Hybrid Bat Based Feature Selection Approach for Intrusion Detection

Intrusion detection Systems (IDS) are used for detecting malicious and abnormal behaviors, but they suffer from many issues like high resource consumption, high false alarm rate and many others. In this paper, we present a new algorithm to improve intrusion detection and reduce resource consumption. The proposed HBA-SVM IDS combines a hybrid Bat meta-heuristic Algorithm with a support vector machine (SVM) classifier for simultaneous feature and optimal SVM parameters selection, to reduce data dimensionality and to improve IDS detection. To evaluate our system, we used the NSL-KDD dataset and compare against a standard SVM and a PSO-SVM algorithm. Compared to these algorithms experimental result show that our system reduces the number of features needed for intrusion detection by 62% and achieves higher detection rate and lower false alarm rate.

[1]  Chih-Jen Lin,et al.  LIBSVM: A library for support vector machines , 2011, TIST.

[2]  Andrew Lewis,et al.  S-shaped versus V-shaped transfer functions for binary Particle Swarm Optimization , 2013, Swarm Evol. Comput..

[3]  Rob J Hyndman,et al.  Another look at measures of forecast accuracy , 2006 .

[4]  B. Ravichandran,et al.  Statistical traffic modeling for network intrusion detection , 2000, Proceedings 8th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems (Cat. No.PR00728).

[5]  Xin-She Yang,et al.  BBA: A Binary Bat Algorithm for Feature Selection , 2012, 2012 25th SIBGRAPI Conference on Graphics, Patterns and Images.

[6]  Corinna Cortes,et al.  Support-Vector Networks , 1995, Machine Learning.

[7]  Xin-She Yang,et al.  A New Metaheuristic Bat-Inspired Algorithm , 2010, NICSO.

[8]  Hao Dong,et al.  An improved particle swarm optimization for feature selection , 2011 .

[9]  John McHugh,et al.  Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory , 2000, TSEC.

[10]  Alfonso Valdes,et al.  Next-generation Intrusion Detection Expert System (NIDES)A Summary , 1997 .

[11]  Salvatore J. Stolfo,et al.  A Geometric Framework for Unsupervised Anomaly Detection , 2002, Applications of Data Mining in Computer Security.

[12]  Vladimir N. Vapnik,et al.  The Nature of Statistical Learning Theory , 2000, Statistics for Engineering and Information Science.

[13]  Yansen Su,et al.  A Novel Approach to Identify Protein Coding Domains by Sampling Binary Profiles from Genome , 2014 .

[14]  Yunqian Ma,et al.  Practical selection of SVM parameters and noise estimation for SVM regression , 2004, Neural Networks.

[15]  Andrew H. Sung,et al.  Intrusion detection using neural networks and support vector machines , 2002, Proceedings of the 2002 International Joint Conference on Neural Networks. IJCNN'02 (Cat. No.02CH37290).

[16]  Germán Terrazas,et al.  Nature Inspired Cooperative Strategies for Optimization, NICSO 2010, May 12-14, 2010, Granada, Spain , 2012, NISCO.

[17]  Iztok Fister,et al.  A hybrid bat algorithm , 2013, ArXiv.