Feature Selection Based on Genetic Algorithm and Support Vector Machine for Intrusion Detection System

One of the most common problems in existing detection techniques is the high curse of dimensionality, due to multidimensional features of the network attack data. This paper investigates the performances of genetic algorithm (GA) with support vector machine (SVM) classification method for feature selection, the forward feature selection algorithm (FFSA) and linear correlation feature selection (LCFS) in detecting different types of network attacks. In particular, the feature selection capability of GA, FFSA and LCFS has been studied. In this work GA, FFSA and LCFS have been implemented and tested on KDD CUP 1999 dataset. The results have shown that all of the algorithms are capable of achieving about 99% detection rate at different number of reduced features. GA with SVMand LCFS require only 21 features, while FFSA requires 31 features to detect the attacks effectively. In addition, the false positive results shown by all of the algorithms are comparatively low, between 0.43% and 0.59% when the detection rate is almost perfect.

[1]  Erik Schaffernicht,et al.  Forward feature selection using Residual Mutual Information , 2009, ESANN.

[2]  Corinna Cortes,et al.  Support-Vector Networks , 1995, Machine Learning.

[3]  Hadi Sarvari,et al.  Improving the accuracy of intrusion detection systems by using the combination of machine learning approaches , 2010, 2010 International Conference of Soft Computing and Pattern Recognition.

[4]  Andrew James Simmonds,et al.  An Ontology for Network Security Attacks , 2004, AACC.

[5]  Yu-Xin Meng,et al.  The practice on using machine learning for network anomaly intrusion detection , 2011, 2011 International Conference on Machine Learning and Cybernetics.

[6]  Wei Xu,et al.  Incremental SVM based on reserved set for network intrusion detection , 2011, Expert Syst. Appl..

[7]  Jun Wang,et al.  A real time IDSs based on artificial Bee Colony-support vector machine algorithm , 2010, Third International Workshop on Advanced Computational Intelligence.

[8]  Shi-Jinn Horng,et al.  A novel intrusion detection system based on hierarchical clustering and support vector machines , 2011, Expert Syst. Appl..

[9]  Vern Paxson,et al.  Outside the Closed World: On Using Machine Learning for Network Intrusion Detection , 2010, 2010 IEEE Symposium on Security and Privacy.

[10]  Hong Wen,et al.  Bayesian Statistical Inference in Machine Learning Anomaly Detection , 2010, 2010 International Conference on Communications and Intelligence Information Security.

[11]  Tai-hoon Kim,et al.  Linear Correlation-Based Feature Selection for Network Intrusion Detection Model , 2013, SecNet.

[12]  Andrew H. Sung,et al.  Feature Ranking and Selection for Intrusion Detection Using Artificial Neural Networks and Statistical Methods , 2006, The 2006 IEEE International Joint Conference on Neural Network Proceedings.

[13]  Vik Tor Goh,et al.  Towards Intrusion Detection for Encrypted Networks , 2009, 2009 International Conference on Availability, Reliability and Security.

[14]  Filomena Ferrucci,et al.  A Genetic Algorithm to Configure Support Vector Machines for Predicting Fault-Prone Components , 2011, PROFES.

[15]  Payel Gupta,et al.  Genetic Algorithm Technique Used to Detect Intrusion Detection , 2011 .

[16]  Yinhui Li,et al.  An efficient intrusion detection system based on support vector machines and gradually feature removal method , 2012, Expert Syst. Appl..