Firefly algorithm based feature selection for network intrusion detection

Abstract Network intrusion detection is the process of identifying malicious activity in a network by analyzing the network traffic behavior. Data mining techniques are widely used in Intrusion Detection System (IDS) to detect anomalies. Dimensionality reduction plays a vital role in IDS, since detecting anomalies from high dimensional network traffic feature is time-consuming process. Feature selection influences the speed of the analysis and the proposed work, deploys filter and wrapper based method with firefly algorithm in the wrapper for selecting the features. The resulting features are subjected to C4.5 and Bayesian Networks (BN) based classifier with KDD CUP 99 dataset. The experimental results show that 10 features are sufficient to detect the intrusion showing improved accuracy. The proposed work is compared with the existing work showing promising improvements.

[1]  Jugal K. Kalita,et al.  Network Anomaly Detection: Methods, Systems and Tools , 2014, IEEE Communications Surveys & Tutorials.

[2]  J. Ross Quinlan,et al.  C4.5: Programs for Machine Learning , 1992 .

[3]  P. Balasubramanie,et al.  Hadoop Based Parallel Binary Bat Algorithm for Network Intrusion Detection , 2017, International Journal of Parallel Programming.

[4]  A. Malathi,et al.  Data Preprocessing for Intrusion Detection System using Swarm Intelligence Techniques , 2013 .

[5]  B. Surendiran,et al.  Dimensionality reduction using Principal Component Analysis for network intrusion detection , 2016 .

[6]  Jianhua Wang,et al.  Optimal feature selection using distance-based discrete firefly algorithm with mutual information criterion , 2017, Neural Computing and Applications.

[7]  Jun Gao,et al.  Online Adaboost-Based Parameterized Methods for Dynamic Distributed Network Intrusion Detection , 2014, IEEE Transactions on Cybernetics.

[8]  P Uday Babu,et al.  Survey on Intrusion Detection Techniques Using Data-Mining Domain , 2014 .

[9]  Rung Ching Chen,et al.  Using Rough Set and Support Vector Machine for Network Intrusion Detection System , 2009, 2009 First Asian Conference on Intelligent Information and Database Systems.

[10]  Xin-She Yang,et al.  Firefly Algorithm, Lévy Flights and Global Optimization , 2010, SGAI Conf..

[11]  Xiangliang Zhang,et al.  Constructing attribute weights from computer audit data for effective intrusion detection , 2009, J. Syst. Softw..

[12]  Jiqiang Liu,et al.  Constructing important features from massive network traffic for lightweight intrusion detection , 2015, IET Inf. Secur..

[13]  Huan Liu,et al.  Feature Selection for High-Dimensional Data: A Fast Correlation-Based Filter Solution , 2003, ICML.

[14]  Amit Kumar Dewangan,et al.  An Ensemble Model for Classification of Attacks with Feature Selection based on KDD99 and NSL-KDD Data Set , 2014 .

[15]  Sangita Chaudhari,et al.  Data Mining Algorithms for Intrusion Detection System: An Overview , 2013 .

[16]  A.H. Sung,et al.  Identifying important features for intrusion detection using support vector machines and neural networks , 2003, 2003 Symposium on Applications and the Internet, 2003. Proceedings..

[17]  T. Revathi,et al.  Minimal complexity attack classification intrusion detection system , 2013, Appl. Soft Comput..

[18]  Hiroki Takakura,et al.  Toward a more practical unsupervised anomaly detection system , 2013, Inf. Sci..

[19]  Arputharaj Kannan,et al.  Decision tree based light weight intrusion detection using a wrapper approach , 2012, Expert Syst. Appl..

[20]  Thomas M. Cover,et al.  Elements of Information Theory (Wiley Series in Telecommunications and Signal Processing) , 2006 .