Network Intrusion Detection Using Kernel-based Fuzzy-rough Feature Selection

The purpose of the intrusion detection systems is to detect attacks on computer systems and networks. Many technologies can be used for intrusion detection, and one of the most effective technologies is data mining. The rapid development of network technology and internet of things makes network intrusion detection become one of the hot topics for research. Various classifiers have been applied in the field of network intrusion detection, but the performance of such approaches highly depends on the features used. Therefore, feature selection approaches have been usually used along with classifiers for network intrusion detection, including the fuzzy-rough feature selection. The fuzzy-rough sets is an extension of the classical rough sets, which can deal with the imprecision and uncertainty of discrete, real value or noise data. It can be seen from the practical applications that there are some shortcomings. Therefore, researchers combine fuzzy-rough sets with kernel methods in order to solve these problems. In this paper, the kernel-based fuzzy-rough feature selection method is used to select the feature subset for the intrusion detection. The proposed approach is validated and evaluated using the KDD 99 dataset with the support of different common classifiers. The experimental outcomes obtained by applying the kernel-based fuzzy-rough feature selection method on KDD data set demonstrate that it performs well in terms of reduction effect and accuracy.

[1]  Marko Robnik-Sikonja,et al.  An adaptation of Relief for attribute estimation in regression , 1997, ICML.

[2]  Isabelle Guyon,et al.  An Introduction to Variable and Feature Selection , 2003, J. Mach. Learn. Res..

[3]  Wei Wu,et al.  Multi-functional nearest-neighbour classification , 2018, Soft Comput..

[4]  Wei Wu,et al.  Kernel-based fuzzy-rough nearest neighbour classification , 2011, 2011 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE 2011).

[5]  Yoav Freund,et al.  Experiments with a New Boosting Algorithm , 1996, ICML.

[6]  Marc G. Genton,et al.  Classes of Kernels for Machine Learning: A Statistics Perspective , 2002, J. Mach. Learn. Res..

[7]  David W. Aha,et al.  Instance-Based Learning Algorithms , 1991, Machine Learning.

[8]  Taeshik Shon,et al.  SVM Approach with a Genetic Algorithm for Network Intrusion Detection , 2005, ISCIS.

[9]  Fei Chao,et al.  Generalized Adaptive Fuzzy Rule Interpolation , 2017, IEEE Transactions on Fuzzy Systems.

[10]  Jie Li,et al.  Intrusion detection system by fuzzy interpolation , 2017, 2017 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE).

[11]  Jacinth Salome,et al.  Fuzzy Data Mining and Genetic Algorithms Applied to Intrusion Detection , 2007 .

[12]  Chenxia Jin,et al.  Feature selection with partition differentiation entropy for large-scale data sets , 2016, Inf. Sci..

[13]  Susan M. Bridges,et al.  Mining fuzzy association rules and fuzzy frequency episodes for intrusion detection , 2000, Int. J. Intell. Syst..

[14]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[15]  Janusz Zalewski,et al.  Rough sets: Theoretical aspects of reasoning about data , 1996 .

[16]  Mansour Sheikhan,et al.  Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach , 2017, Comput. Commun..

[17]  Mark A. Hall,et al.  Correlation-based Feature Selection for Machine Learning , 2003 .

[18]  Huang Hao,et al.  An Ensemble Approach to Intrusion Detection Based on Improved Multi-Objective Genetic Algorithm , 2007 .

[19]  Venu Govindaraju,et al.  Data mining for intrusion detection: techniques, applications and systems , 2004, Proceedings. 20th International Conference on Data Engineering.

[20]  Jie Li,et al.  TSK Inference with Sparse Rule Bases , 2016, UKCI.

[21]  Corinna Cortes,et al.  Support-Vector Networks , 1995, Machine Learning.

[22]  Shilpa Lakhina,et al.  Feature Reduction using Principal Component Analysis for Effective Anomaly – Based Intrusion Detection on NSL-KDD , 2010 .

[23]  Jie Li,et al.  An extended Takagi–Sugeno–Kang inference system (TSK+) with fuzzy interpolation and its rule base generation , 2018, Soft Comput..

[24]  Leo Breiman,et al.  Random Forests , 2001, Machine Learning.

[25]  Xiao Zhang,et al.  Feature selection in mixed data: A method using a novel fuzzy rough set-based information entropy , 2016, Pattern Recognit..

[26]  Jane Labadin,et al.  Feature selection based on mutual information , 2015, 2015 9th International Conference on IT in Asia (CITA).

[27]  Qiang Shen,et al.  Closed form fuzzy interpolation , 2013, Fuzzy Sets Syst..

[28]  Didier Dubois,et al.  Putting Rough Sets and Fuzzy Sets Together , 1992, Intelligent Decision Support.

[29]  Yan Yu An Ensemble Approach to Intrusion Detection Based on Improved Multi-Objective Genetic Algorithm , 2007 .

[30]  James Cannady,et al.  Artificial Neural Networks for Misuse Detection , 1998 .

[31]  Pat Langley,et al.  Estimating Continuous Distributions in Bayesian Classifiers , 1995, UAI.

[32]  Yishi Zhang,et al.  Divergence-based feature selection for separate classes , 2013, Neurocomputing.

[33]  Salvatore J. Stolfo,et al.  A data mining framework for building intrusion detection models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[34]  Wei Wu,et al.  Kernel-based Fuzzy-rough Nearest-neighbour Classification for Mammographic Risk Analysis , 2015, International Journal of Fuzzy Systems.

[35]  Tailen Hsing,et al.  Principal components analysis , 2015 .

[36]  Robert LIN,et al.  NOTE ON FUZZY SETS , 2014 .

[37]  Jie Li,et al.  Experience-based rule base generation and adaptation for fuzzy interpolation , 2016, 2016 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE).