An Effective RF-based Intrusion Detection Algorithm with Feature Reduction and Transformation

Intrusion detection systems are essential in the field of network security. To improve the performance of detection models, many machine learning algorithms have been applied to intrusion detection. Higher-quality data is critical to the accuracy of a detection model and can greatly improve its performance. In this paper, an effective random forest-based intrusion detection algorithm with feature reduction and transformation is proposed. Specifically, we apply correlation analysis to reduce the original features and the logarithm marginal density ratio to strengthen them, which can greatly improve the accuracy of the classifier. The proposed classification system was deployed on the NSL-KDD dataset. The experimental results show that the proposed method achieves better results than other related methods in terms of false alarm rate, accuracy, detection rate and running time.
