Binary PSO and random forests algorithm for PROBE attacks detection in a network

During the past few years, the large number of network attacks has increased the need for efficient network intrusion detection techniques. Different classification techniques for identifying various attacks have been proposed in the literature. In this paper we propose and implement a hybrid classifier based on binary particle swarm optimization (BPSO) and the random forests (RF) algorithm for the classification of PROBE attacks in a network. PSO is an optimization method that has a strong global search capability and is used for fine-tuning of the features, whereas RF, a highly accurate classifier, is used here for classification. We demonstrate the performance of our technique using the KDD99Cup dataset. We also compare the performance of our proposed classifier with eight other well-known classifiers, and the results show that the performance achieved by the proposed classifier is much better than the other approaches.
