Feature selection using PRACO method for IDS in cloud environment

Cloud Computing is the distribution of computing resources on demand to the users over Internet. But with virtual existence of data and resources comes the problem of privacy and security. In such environments Intrusion Detection System (IDS) comes in handy. They read huge chunks of data to find out attack patterns. But learning through this huge amount of data is very time consuming. So, data reduction is necessary. Using feature selection methods, number of features can be reduced by eliminating redundant and irrelevant attributes from datasets. In this paper the authors have proposed a Penalty Reward based Ant Colony Optimization (PRACO) method for feature selection. The penalty and reward terms used in this paper help in better exploration-exploitation trade-off by rewarding the useful features and penalizing the other ones. Along with that the concepts of max-relevance and min-redundancy are also used to indicate interactions between selected features. The proposed model is assessed on 10% KDD Cup 99, NSL-KDD and UNSW-NB15 datasets. It was observed that the PRACO method achieved 81.682% and 83.584% accuracy on average during train-test phase using NSL-KDD and UNSW-NB15 datasets. The results provide substantial evidence that the proposed model is effective in finding optimal results and thus provide IDS with increased efficiency.

[1]  Bayu Adhi Tama,et al.  Ensemble learning for intrusion detection systems: A systematic mapping study and cross-benchmark evaluation , 2021, Comput. Sci. Rev..

[2]  Banu Günel Kılıç,et al.  A Class-Specific Intrusion Detection Model: Hierarchical Multi-class IDS Model , 2020, SN Computer Science.

[3]  Ciza Thomas,et al.  Improved PSO for optimizing the performance of intrusion detection systems , 2020, J. Intell. Fuzzy Syst..

[4]  Eunjin Kim,et al.  Adaptive Dynamic Probabilistic Elitist Ant Colony Optimization in Traveling Salesman Problem , 2020, SN Comput. Sci..

[5]  Bo Hong,et al.  A network intrusion detection system based on convolutional neural network , 2020, J. Intell. Fuzzy Syst..

[6]  Su Sheng,et al.  Detection of probe flow anomalies using information entropy and random forest method , 2020, J. Intell. Fuzzy Syst..

[7]  Bayu Adhi Tama,et al.  TSE-IDS: A Two-Stage Classifier Ensemble for Intelligent Anomaly-Based Intrusion Detection System , 2019, IEEE Access.

[8]  Francisco Herrera,et al.  Enabling Smart Data: Noise filtering in Big Data classification , 2017, Inf. Sci..

[9]  B. Raman,et al.  Secure data deduplication using secret sharing schemes over cloud , 2018, Future Gener. Comput. Syst..

[10]  Shui Yu,et al.  Multistage Signaling Game-Based Optimal Detection Strategies for Suppressing Malware Diffusion in Fog-Cloud-Based IoT Networks , 2018, IEEE Internet of Things Journal.

[11]  Chaouki Khammassi,et al.  A GA-LR wrapper approach for feature selection in network intrusion detection , 2017, Comput. Secur..

[12]  Xiangjian He,et al.  Building an Intrusion Detection System Using a Filter-Based Feature Selection Algorithm , 2016, IEEE Transactions on Computers.

[13]  Jill Slay,et al.  The evaluation of Network Anomaly Detection Systems: Statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set , 2016, Inf. Secur. J. A Glob. Perspect..

[14]  Harish Kumar,et al.  An intrusion detection system using network traffic profiling and online sequential extreme learning machine , 2015, Expert Syst. Appl..

[15]  Rung Ching Chen,et al.  An artificial bee colony algorithm for data collection path planning in sparse wireless sensor networks , 2013, International Journal of Machine Learning and Cybernetics.

[16]  Hongjie Li,et al.  A stochastic evolutionary coalition game model of secure and dependable virtual service in Sensor-Cloud , 2015, Appl. Soft Comput..

[17]  Mohamed M. Abd-Eldayem A proposed HTTP service based IDS , 2014 .

[18]  Gisung Kim,et al.  A novel hybrid intrusion detection method integrating anomaly detection with misuse detection , 2014, Expert Syst. Appl..

[19]  Manas Ranjan Patra,et al.  Network intrusion detection system: A machine learning approach , 2011, Intell. Decis. Technol..

[20]  Ivor W. Tsang,et al.  A Hybrid PSO-BFGS Strategy for Global Optimization of Multimodal Functions , 2011, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[21]  Malcolm I. Heywood,et al.  A Hierarchical SOM based Intrusion Detection System , 2008 .

[22]  Fuhui Long,et al.  Feature selection based on mutual information criteria of max-dependency, max-relevance, and min-redundancy , 2003, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[23]  Erol Gelenbe,et al.  Defending networks against denial-of-service attacks , 2004, SPIE Security + Defence.

[24]  John McHugh,et al.  Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory , 2000, TSEC.

[25]  Luca Maria Gambardella,et al.  Ant colony system: a cooperative learning approach to the traveling salesman problem , 1997, IEEE Trans. Evol. Comput..