Evaluating the Impact of Feature Selection Methods on SNMP-MIB Interface Parameters to Accurately Detect Network Anomalies

Many approaches have evolved to enhance the detection of network anomalies using SNMP-MIBs. Most of these approaches apply machine learning algorithms to a large number of SNMP-MIB database parameters, which may consume most of the hardware resources (CPU, memory, and bandwidth). In this paper, we introduce an efficient model for detecting network anomalies that uses Lazy.IBk as the machine learning classifier and Correlation and ReliefF as attribute evaluators, applied only to SNMP-MIB interface parameters. This model achieves a high accuracy of 99.94% with minimal hardware resource consumption. Thus, this model can be adopted in an intrusion detection system (IDS) to increase its performance and efficiency.
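The pipeline the abstract describes (rank interface attributes, keep the informative ones, classify with a nearest-neighbour learner) is sketched below as an added example; it is not the paper's code. Assumptions: the four IF-MIB counters and all sample values are constructed, plain Pearson correlation and a one-neighbour Relief stand in for the Correlation and ReliefF evaluators, and IBk is run with k=1.

```python
from statistics import mean, pstdev
FEATURES = ["ifInOctets", "ifInUcastPkts", "ifInDiscards", "ifOutOctets"]
# Constructed per-poll counter deltas (not the paper's dataset); label 1 = anomaly.
ROWS = [
    ((5200, 40, 0, 4100), 0), ((6100, 46, 1, 900), 0), ((4800, 38, 0, 7300), 0),
    ((5900, 44, 0, 2500), 0), ((5300, 41, 1, 6000), 0), ((6400, 47, 0, 3300), 0),
    ((9800, 950, 120, 5100), 1), ((10400, 1010, 140, 1200), 1), ((9100, 880, 95, 6900), 1),
    ((11000, 1100, 160, 2800), 1), ((9600, 930, 110, 4400), 1), ((10100, 990, 135, 3600), 1),
]

def normalise(rows):
    """Min-max scale every attribute to [0, 1] so no counter dominates distances."""
    cols = list(zip(*(x for x, _ in rows)))
    lo = [min(c) for c in cols]
    span = [(max(c) - min(c)) or 1 for c in cols]
    return [([(v - l) / s for v, l, s in zip(x, lo, span)], y) for x, y in rows]

def correlation_scores(rows):
    """|Pearson r| between each attribute and the class label."""
    ys = [y for _, y in rows]
    scores = {}
    for i, name in enumerate(FEATURES):
        xs = [x[i] for x, _ in rows]
        cov = mean(a * b for a, b in zip(xs, ys)) - mean(xs) * mean(ys)
        scores[name] = abs(cov / (pstdev(xs) * pstdev(ys)))
    return scores

def relief_scores(rows):
    """Relief weights: reward attributes that differ on the nearest miss, not the nearest hit."""
    data = normalise(rows)
    w = [0.0] * len(FEATURES)
    dist = lambda a, b: sum(abs(p - q) for p, q in zip(a, b))  # Manhattan distance
    for i, (x, y) in enumerate(data):
        others = [(p, q) for j, (p, q) in enumerate(data) if j != i]
        hit = min((p for p, q in others if q == y), key=lambda p: dist(x, p))
        miss = min((p for p, q in others if q != y), key=lambda p: dist(x, p))
        for f in range(len(w)):
            w[f] += (abs(x[f] - miss[f]) - abs(x[f] - hit[f])) / len(data)
    return dict(zip(FEATURES, w))

def rank(scores):
    return sorted(scores, key=scores.get, reverse=True)

def ibk_predict(rows, sample, keep):
    """k=1 nearest-neighbour label for `sample`, using only the attributes in `keep`."""
    idx = [FEATURES.index(n) for n in keep]
    data = normalise(rows + [(sample, None)])
    target = data[-1][0]
    return min(data[:-1], key=lambda r: sum(abs(r[0][i] - target[i]) for i in idx))[1]
```

On this constructed data both evaluators rank the outbound byte counter last, so a classifier restricted to the top-ranked attributes drops it and needs fewer polled objects per interval.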
