Feature Selection Using Fast Ensemble Learning for Network Intrusion Detection

Network security plays a critical role in today’s digital system infrastructure. Everyday, there are hundreds of cases of data theft or loss due to the system’s integrity being compromised. The root cause of this issue is the lack of systems in place which are able to foresee the advent of such attacks. Network Intrusion detection techniques are important to prevent any system or network from malicious behavior. By analyzing a dataset with features summarizing the method in which connections are made to the network, any attempt to access it can be classified as malicious or benign. To improve the accuracy of network intrusion detection, various machine learning algorithms and optimization techniques are used. Feature selection helps in finding important attributes in the dataset which have a significant effect on the final classification. This results in the reduction of the size of the dataset, thereby simplifying the task of classification. In this work, we propose using multiple techniques as an ensemble for feature selection. To reduce training time and retain accuracy, the important features of a subset of the KDD Network Intrusion detection dataset were analyzed using this ensemble learning technique. Out of 41 possible features for network intrusion, it was found that host-based statistical features of network flow play an import role in predicting network intrusion. Our proposed methodology provides multiple levels of overall selected features, correlated to the number of individual feature selection techniques that selected them. At the highest level of selected features, our experiments yielded a 6% increase in intrusion detection accuracy, an 81% decrease in dataset size and a 5.4\(\times \) decrease in runtime using a Multinomial Naive Bayes classifier on the original dataset.

[1]  Ron Kohavi,et al.  A Study of Cross-Validation and Bootstrap for Accuracy Estimation and Model Selection , 1995, IJCAI.

[2]  Max Kuhn,et al.  Building Predictive Models in R Using the caret Package , 2008 .

[3]  Wei Li,et al.  Network Intrusion Detection Based on Random Forest and Support Vector Machine , 2017, 22017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC).

[4]  Neelam Sharma,et al.  INTRUSION DETECTION USING NAIVE BAYES CLASSIFIER WITH FEATURE REDUCTION , 2012 .

[5]  Ravindra C. Thool,et al.  Intrusion Detection System Using Bagging Ensemble Method of Machine Learning , 2015, 2015 International Conference on Computing Communication Control and Automation.

[6]  Ravinder Kumar A Review of Network Intrusion Detection System using machine learning algorithms , 2017 .

[7]  Pierre Geurts,et al.  Extremely randomized trees , 2006, Machine Learning.

[8]  Gaël Varoquaux,et al.  Scikit-learn: Machine Learning in Python , 2011, J. Mach. Learn. Res..

[9]  L. Ceriani,et al.  The origins of the Gini index: extracts from Variabilità e Mutabilità (1912) by Corrado Gini , 2012 .

[10]  Wes McKinney,et al.  Data Structures for Statistical Computing in Python , 2010, SciPy.

[11]  Hua Yang,et al.  Comparison among Methods of Ensemble Learning , 2013, 2013 International Symposium on Biometrics and Security Technologies.

[12]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[13]  Vipin Kumar,et al.  Feature Selection: A literature Review , 2014, Smart Comput. Rev..