A GA-LR wrapper approach for feature selection in network intrusion detection. Issue 70 (September 2017)
- Record Type:
- Journal Article
- Title:
- A GA-LR wrapper approach for feature selection in network intrusion detection. Issue 70 (September 2017)
- Main Title:
- A GA-LR wrapper approach for feature selection in network intrusion detection
- Authors:
- Khammassi, Chaouki
Krichen, Saoussen - Abstract:
- Highlights: First, the preprocessing stage consists of resampling, changing the attribute values, and removing redundant records. Second, the feature selection stage reduces the feature space of the used datasets using the GA-LR wrapper. Third, the classification stage is performed using three decision tree classifiers namely with the best selected subsets. The best subset for the KDD99 is composed of 18 features and gives an accuracy equal to 99.90%, 99.81% DR and 0.105% FAR. The best subset for the UNSW-NB15 is composed of 20 features and gives an accuracy equal to 81.42% and 6.39% FAR. Abstract: Intrusions constitute one of the main issues in computer network security. Through malicious actions, hackers can have unauthorised access that compromises the integrity, the confidentiality, and the availability of resources or services. Intrusion detection systems (IDSs) have been developed to monitor and filter network activities by identifying attacks and alerting network administrators. Different IDS approaches have emerged using data mining, machine learning, statistical analysis, and artificial intelligence techniques such as genetic algorithms, artificial neural networks, fuzzy logic, swarm intelligence, etc. Due to the high dimensionality of the exchanged data, applying those techniques will be extremely time consuming. Feature selection is needed to select the optimal subset of features that represents the entire dataset to increase the accuracy and the classificationHighlights: First, the preprocessing stage consists of resampling, changing the attribute values, and removing redundant records. Second, the feature selection stage reduces the feature space of the used datasets using the GA-LR wrapper. Third, the classification stage is performed using three decision tree classifiers namely with the best selected subsets. The best subset for the KDD99 is composed of 18 features and gives an accuracy equal to 99.90%, 99.81% DR and 0.105% FAR. The best subset for the UNSW-NB15 is composed of 20 features and gives an accuracy equal to 81.42% and 6.39% FAR. Abstract: Intrusions constitute one of the main issues in computer network security. Through malicious actions, hackers can have unauthorised access that compromises the integrity, the confidentiality, and the availability of resources or services. Intrusion detection systems (IDSs) have been developed to monitor and filter network activities by identifying attacks and alerting network administrators. Different IDS approaches have emerged using data mining, machine learning, statistical analysis, and artificial intelligence techniques such as genetic algorithms, artificial neural networks, fuzzy logic, swarm intelligence, etc. Due to the high dimensionality of the exchanged data, applying those techniques will be extremely time consuming. Feature selection is needed to select the optimal subset of features that represents the entire dataset to increase the accuracy and the classification performance of the IDS. In this work, we apply a wrapper approach based on a genetic algorithm as a search strategy and logistic regression as a learning algorithm for network intrusion detection systems to select the best subset of features. The experiment will be conducted on the KDD99 dataset and the UNSW-NB15 dataset. Three different decision tree classifiers are used to measure the performance of the selected subsets of features. The obtained results are compared with other feature selection approaches to verify the efficiency of our proposed approach. … (more)
- Is Part Of:
- Computers & security. Issue 70(2017)
- Journal:
- Computers & security
- Issue:
- Issue 70(2017)
- Issue Display:
- Volume 70, Issue 70 (2017)
- Year:
- 2017
- Volume:
- 70
- Issue:
- 70
- Issue Sort Value:
- 2017-0070-0070-0000
- Page Start:
- 255
- Page End:
- 277
- Publication Date:
- 2017-09
- Subjects:
- Intrusion detection systems -- Anomaly detection -- Feature selection -- Wrapper approach -- Genetic algorithm -- Logistic regression -- Classification -- Decision tree -- KDD99 -- UNSW-NB15
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2017.06.005 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 6986.xml