A feature selection approach implemented with the Binary Bat Algorithm applied for intrusion detection

The large number and variety of technological solutions adopted by many enterprises overwhelm security systems, which must acquire information from all these diverse sources and interpret it. Furthermore, the proliferation of more complex cyber threats makes information security assurance a difficult task. Therefore, it is clear that new solutions are required. In this paper we propose a wrapper feature selection approach that combines an improved version of the Binary Bat Algorithm with two classifiers (C4.5 and SVM). We test our proposed model on the NSL-KDD dataset and empirically prove that our method can boost the performance of the classifiers and outperforms BBA and BPSO in terms of attack detection rate and false alarm rate, with these results obtained after fewer iterations. Furthermore, we reduced the number of features by almost 64% and improved the performance of the classifier, even for unknown intrusions.
