An improved ensemble approach for effective intrusion detection

Nowadays, one critical challenge for cybersecurity administrators is protecting online resources from network intrusions. Despite several academic and industry research initiatives, full protection of online resources from these intrusions is not feasible. Therefore, several techniques have been developed that use network audit data to detect network intrusions accurately and efficiently, and these are used in network intrusion detection systems (NIDSs). However, most NIDSs report low detection accuracy with a high false alarm rate and provide a single solution that lacks classification trade-offs. In this paper, the authors present a hybrid approach that combines a multi-objective genetic algorithm with neural networks to create a set of ensemble solutions for detecting network intrusions effectively. The proposed approach works in two phases: it first creates a set of non-dominating (Pareto optimal) solutions of base techniques and then creates ensemble solutions. The outputs of the individual solutions, or models, in an ensemble are aggregated using the most popular method, majority voting. The proposed hybrid approach is evaluated on the NSL_KDD and ISCX-2012 benchmark datasets for intrusion detection. The evaluation results demonstrate that the proposed hybrid approach detects network intrusions effectively compared with the conventional ensemble approaches of bagging and boosting. The resulting ensemble solutions are non-dominating and provide classification trade-offs for cybersecurity administrators. The results also show that the proposed hybrid approach detects both minority and majority intrusion types accurately. The proposed hybrid approach demonstrated a detection accuracy of 97% and 88% with FPR of 2.4% and 2% for the ISCX-2012 and NSL_KDD datasets, respectively.
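The two phases described above, as an added example that is not the authors' code: base models are scored on detection rate and FPR, the non-dominated ones are kept, and their outputs are combined by majority voting. The genetic search and neural-network training are not reproduced; the model names, labels, predictions, the choice of these two objectives and the tie rule are assumptions constructed for illustration.

```python
# Added illustration; model names and all data below are constructed.
Y_TRUE = [1, 1, 1, 1, 0, 0, 0, 0, 0, 0]  # 1 = intrusion, 0 = normal

# Predictions of five hypothetical base neural networks on Y_TRUE.
BASE_PREDS = {
    "nn_a": [1, 1, 1, 1, 1, 1, 0, 0, 0, 0],  # catches everything, noisy
    "nn_b": [1, 1, 0, 1, 0, 0, 1, 0, 0, 0],
    "nn_c": [1, 0, 1, 0, 0, 0, 0, 0, 0, 0],  # silent on normal traffic
    "nn_d": [1, 0, 0, 0, 0, 1, 0, 0, 0, 0],
    "nn_e": [1, 1, 1, 0, 1, 1, 0, 0, 0, 0],
}

def rates(y_true, y_pred):
    """Return (detection rate, false positive rate)."""
    pairs = list(zip(y_true, y_pred))
    tp = sum(1 for t, p in pairs if t == 1 and p == 1)
    fp = sum(1 for t, p in pairs if t == 0 and p == 1)
    positives = sum(y_true)
    return tp / positives, fp / (len(y_true) - positives)

def dominates(a, b):
    """a dominates b: detection rate no lower, FPR no higher, not identical."""
    return a[0] >= b[0] and a[1] <= b[1] and a != b

def pareto_front(scores):
    """Names of models that no other model dominates."""
    return sorted(name for name, s in scores.items()
                  if not any(dominates(o, s) for o in scores.values()))

def majority_vote(member_preds):
    """Per-record vote; a tie raises an alert (assumption of this example)."""
    return [1 if 2 * sum(votes) >= len(votes) else 0
            for votes in zip(*member_preds)]

def build_ensemble(y_true, base_preds):
    """Phase 1: keep the Pareto front. Phase 2: vote over its members."""
    scores = {name: rates(y_true, p) for name, p in base_preds.items()}
    front = pareto_front(scores)
    ensemble = majority_vote([base_preds[n] for n in front])
    return front, ensemble, rates(y_true, ensemble)

if __name__ == "__main__":
    front, ensemble, (dr, fpr) = build_ensemble(Y_TRUE, BASE_PREDS)
    print("Pareto front:", front)
    print("Ensemble detection rate %.2f, FPR %.2f" % (dr, fpr))
```

In the constructed data the three front members err on different records, so the vote reaches a detection rate of 1.0 with an FPR of 0, which none of them achieves alone.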
