Improving the Performance of Multi-class Intrusion Detection Systems using Feature Reduction

Intrusion detection systems (IDS) are widely studied by researchers nowadays due to the dramatic growth in network-based technologies. Policy violations and unauthorized access is in turn increasing which makes intrusion detection systems of great importance. Existing approaches to improve intrusion detection systems focus on feature selection or reduction since some features are irrelevant or redundant which when removed improve the accuracy as well as the learning time. In this paper we propose a hybrid feature selection method using Correlation-based Feature Selection and Information Gain. In our work we apply adaptive boosting using naive Bayes as the weak (base) classifier. The key point in our research is that we are able to improve the detection accuracy with a reduced number of features while precisely determining the attack. Experimental results showed that our proposed method achieved high accuracy compared to methods using only 5-class problem. Correlation is done using Greedy search strategy and naive Bayes as the classifier on the reduced NSL-KDD dataset.

[1]  Neelam Sharma,et al.  INTRUSION DETECTION USING NAIVE BAYES CLASSIFIER WITH FEATURE REDUCTION , 2012 .

[2]  Robert E. Schapire,et al.  A Brief Introduction to Boosting , 1999, IJCAI.

[3]  Gulshan Kumar,et al.  Survey on Data Mining Techniques in Intrusion Detection , 2012 .

[4]  Yoav Freund,et al.  Experiments with a New Boosting Algorithm , 1996, ICML.

[5]  Ali Harounabadi,et al.  Feature Ranking in Intrusion Detection Dataset using Combination of Filtering Methods , 2013 .

[6]  Yogita Bhavsar,et al.  Improving Performance of Support Vector Machine for Intrusion Detection using Discretization , 2013 .

[7]  Verónica Bolón-Canedo,et al.  Feature selection and classification in multiple class datasets: An application to KDD Cup 99 dataset , 2011, Expert Syst. Appl..

[8]  Ian H. Witten,et al.  Data mining - practical machine learning tools and techniques, Second Edition , 2005, The Morgan Kaufmann series in data management systems.

[9]  Ian Witten,et al.  Data Mining , 2000 .

[10]  Usama M. Fayyad,et al.  Multi-Interval Discretization of Continuous-Valued Attributes for Classification Learning , 1993, IJCAI.

[11]  Dewan Md. Farid,et al.  Adaptive Intrusion Detection based on Boosting and Naïve Bayesian Classifier , 2011 .

[12]  Keshav Jindal,et al.  Intrusion Detection System using Bayesian Approach for Wireless Network , 2012 .

[13]  Farshid Keynia,et al.  Improving the Intrusion Detection Systems' Performance by Correlation as a Sample Selection Method , 2013 .

[14]  Wei Li,et al.  Using Naive Bayes with AdaBoost to Enhance Network Anomaly Intrusion Detection , 2010, 2010 Third International Conference on Intelligent Networks and Intelligent Systems.

[15]  Mark A. Hall,et al.  Correlation-based Feature Selection for Machine Learning , 2003 .

[16]  Risto Miikkulainen,et al.  Intrusion Detection with Neural Networks , 1997, NIPS.

[17]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[18]  Harish Kumar,et al.  TOPSIS Based Multi-Criteria Decision Making of Feature Selection Techniques for Network Traffic Dataset , 2013 .

[19]  Huan Liu,et al.  Discretization: An Enabling Technique , 2002, Data Mining and Knowledge Discovery.

[20]  Andrew H. Sung,et al.  Intrusion detection using an ensemble of intelligent paradigms , 2005, J. Netw. Comput. Appl..

[21]  Amita Arora,et al.  Dimension Reduction in Intrusion Detection Features Using Discriminative Machine Learning Approach , 2013 .

[22]  Nitesh V. Chawla,et al.  SMOTE: Synthetic Minority Over-sampling Technique , 2002, J. Artif. Intell. Res..

[23]  M. Bahrololum,et al.  Machine Learning Techniques for Feature Reduction in Intrusion Detection Systems: A Comparison , 2009, 2009 Fourth International Conference on Computer Sciences and Convergence Information Technology.

[24]  Taghi M. Khoshgoftaar,et al.  CLUSTERING-BASED NETWORK INTRUSION DETECTION , 2007 .

[25]  Cheng G. Weng,et al.  A New Evaluation Measure for Imbalanced Datasets , 2008, AusDM.

[26]  Azween Abdullah,et al.  Intrusions Detection based on Optimum Features Subset and Efficient Dataset Selection , 2012 .

[27]  M. Govindarajan Intrusion Detection using an Ensemble of Classification Methods , 2012 .