Improving Intrusion Detection System by Developing Feature Selection Model Based on Firefly Algorithm and Support Vector Machine (original) (raw)
Related papers
International Journal of Intelligent Engineering and Systems, 2021
Accurate intrusion detection is necessary to preserve network security. However, developing efficient intrusion detection system is a complex problem due to the nonlinear nature of the intrusion attempts, the unpredictable behaviour of network traffic, and the large number features in the problem space. Hence, selecting the most effective and discriminating feature is highly important. Additionally, eliminating irrelevant features can improve the detection accuracy as well as reduce the learning time of machine learning algorithms. However, feature reduction is an NPhard problem. Therefore, several metaheuristics have been employed to determine the most effective feature subset within reasonable time. In this paper, two intrusion detection models are built based on a modified version of the firefly algorithm to achieve the feature selection task. The first and, the second models have been used for binary and multiclass classification, respectively. The modified firefly algorithm emp...
Iraqi journal of science, 2018
Regarding the security of computer systems, the intrusion detection systems (IDSs) are essential components for the detection of attacks at the early stage. They monitor and analyze network traffics, looking for abnormal behaviors or attack signatures to detect intrusions in real time. A major drawback of the IDS is their inability to provide adequate sensitivity and accuracy, coupled with their failure in processing enormous data. The issue of classification time is greatly reduced with the IDS through feature selection. In this paper, a new feature selection algorithm based on Firefly Algorithm (FA) is proposed. In addition, the naïve bayesian classifier is used to discriminate attack behaviour from normal behaviour in the network traffic. The FA selects the discriminating features from NSL-KDD dataset. The performance of the IDS in the detection of attacks was enhanced by the proposed model and compare with other models.
An Intrusion Detection System Using Modified-Firefly Algorithm in Cloud Environment
International Journal of Digital Crime and Forensics, 2021
The present era is being dominated by cloud computing technology which provides services to the users as per demand over the internet. Satisfying the needs of huge people makes the technology prone to activities which come up as a threat. Intrusion detection system (IDS) is an effective method of providing data security to the information stored in the cloud which works by analyzing the network traffic and informs in case of any malicious activities. In order to control high amount of data stored in cloud, data is stored as per relevance leading to distributed computing. To remove redundant data, the authors have implemented data mining process such as feature selection which is used to generate an optimum subset of features from a dataset. In this paper, the proposed IDS provides security working upon the idea of feature selection. The authors have prepared a modified-firefly algorithm which acts as a proficient feature selection method and enables the NSL-KDD dataset to consume le...
Enhanced Detection Rate for Network Intrusion Detection System by Using Chaotic Firefly Algorithm
2018
Regarding the security of computer systems, the intrusion detection systems (IDS) are essential components for the detection of attacks at the early stage. Therefore, the main goal of this thesis is to choose the differentiating features the development of an optimal machine learning algorithm with respect to high detection rates, fast training and testing processes. So a proposed machine learning model containing a feature selection algorithm (wrapper type) based on the integration of Firefly algorithm (FA) with Naïve Bayesian Classifier (NBC) were proposed. 1999 KDDCUP and NSLKDD data sets . The proposed model been developed and tested over two types of feature selection objectives single objective fitness function (accuracy) and multiple objective fitness function (accuracy and number of features).
Feature Selection Approach based on Firefly Algorithm and Chi-square
International Journal of Electrical and Computer Engineering (IJECE), 2018
Dimensionality problem is a well-known challenging issue for most classifiers in which datasets have unbalanced number of samples and features. Features may contain unreliable data which may lead the classification process to produce undesirable results. Feature selection approach is considered a solution for this kind of problems. In this paperan enhanced firefly algorithm is proposed to serve as a feature selection solution for reducing dimensionality and picking the most informative features to be used in classification. The main purpose of the proposedmodel is to improve the classification accuracy through using the selected features produced from the model, thus classification errors will decrease. Modeling firefly in this research appears through simulating firefly position by cell chi-square value which is changed after every move, and simulating firefly intensity by calculating a set of different fitness functionsas a weight for each feature. K-nearest neighbor and Discriminant analysis are used as classifiers to test the proposed firefly algorithm in selecting features. Experimental results showed that the proposed enhanced algorithmbased on firefly algorithm with chi-square and different fitness functions can provide better results than others. Results showed that reduction of dataset is useful for gaining higher accuracy in classification.
Feature Selection for Intrusion Detection System using Support Vector Machines
Security is the main concern in maintaining reliable communication in network world. To rely on security, modeling efficient Intrusion Detection Systems (IDSs) is becoming mandatory. These days' applying data mining techniques in various fields is expanding, among these feature selection procedures have become crucial. So we have applied Euclidean distance for choosing best features from the large set of features. Ranking Score is given to all the features, based on these, the predominant features are selected. This helps in improving classification performance for detecting suspicious activities and reduces the storage space. Substantially Intrusion detection is a classification technique in machine learning context; we used Support Vector Machines (SVMs) for categorizing attacks from normal data. We used KDD cup 99 dataset for conducting experiments. By the results achieved we have proved that this method suits well for detecting intrusive behavior with low false positive rates and good accuracy.
2018
With the growth of the internet, network attacks have increased severely in a substantial number in the last few years. Therefore, Intrusion Detection Systems (IDSs) have become a necessary addition to the information security of most organizations. An IDS monitors a network or a single host looking for suspicious activity and reports them. Many intrusion detection types of research have focused on the feature selection because some characteristics are irrelevant or redundant which result in a lengthy detection process and degrades the performance of IDS. For this purpose, we have used in this work an algorithm based on Information Gain technique. This algorithm selects an optimal number of features from NSL-KDD Dataset. In addition, we have combined the feature selection with a machine learning technique named Support Vector Machine (SVM) using Radial-basis kernel function (RBF) and a Particle Swarm Optimization algorithm to optimize the parameters of SVM for effective classificati...
Indian Journal of Computer Science and Engineering, 2022
Security of information in this Information Technology (IT) era has been one of the challenges facing individuals and organisations. Among the measures developed by security experts to counter security threats is the Intrusion Detection System (IDS). Despite earlier research efforts to develop formidable IDSs, the existing systems still suffer from a high false alarm and inability to detect new (novel) attacks because of the high volume of features in network traffic. Therefore, this study aimed at developing IDS with an enhanced feature selection and classification method using two stages of attack identification. The feature selection phase employed Particle Swarm Optimization (PSO) to optimally select relevant features from Principal Component Analysis (PCA)'s projected principal space. The reduced dataset was passed into the misuse detector using C4.5 to classify network traffic into normal and attack. The "assumed" normal traffic further passed to the anomaly detector, the second-level classifier using Support Vector Machine (SVM) for detecting new attacks that the misuse detector has not previously detected. The proposed model was demonstrated on the KDD Cup'99 and NSL-KDD intrusion datasets, with the system achieving a false alarm rate of 0.53% and detection rate of 99.43% for NSL KDD dataset. The results show that enhancing the feature selection phase and classification method reduces the false alarm and improves the system's ability to detect zero-day attacks.
Symmetry
The network intrusion detection system (NIDS) aims to identify virulent action in a network. It aims to do that through investigating the traffic network behavior. The approaches of data mining and machine learning (ML) are extensively used in the NIDS to discover anomalies. Regarding feature selection, it plays a significant role in improving the performance of NIDSs. That is because anomaly detection employs a great number of features that require much time. Therefore, the feature selection approach affects the time needed to investigate the traffic behavior and improve the accuracy level. The researcher of the present study aimed to propose a feature selection model for NIDSs. This model is based on the particle swarm optimization (PSO), grey wolf optimizer (GWO), firefly optimization (FFA) and genetic algorithm (GA). The proposed model aims at improving the performance of NIDSs. The proposed model deploys wrapper-based methods with the GA, PSO, GWO and FFA algorithms for selecti...
Hybrid Feature Selection Algorithm for Intrusion Detection System
Journal of Computer Science, 2014
Network security is a serious global concern. Usefulness Intrusion Detection Systems (IDS) are increasing incredibly in Information Security research using Soft computing techniques. In the previous researches having irrelevant and redundant features are recognized causes of increasing the processing speed of evaluating the known intrusive patterns. In addition, an efficient feature selection method eliminates dimension of data and reduce redundancy and ambiguity caused by none important attributes. Therefore, feature selection methods are well-known methods to overcome this problem. There are various approaches being utilized in intrusion detections, they are able to perform their method and relatively they are achieved with some improvements. This work is based on the enhancement of the highest Detection Rate (DR) algorithm which is Linear Genetic Programming (LGP) reducing the False Alarm Rate (FAR) incorporates with Bees Algorithm. Finally, Support Vector Machine (SVM) is one of the best candidate solutions to settle IDSs problems. In this study four sample dataset containing 4000 random records are excluded randomly from this dataset for training and testing purposes. Experimental results show that the LGP_BA method improves the accuracy and efficiency compared with the previous related research and the feature subcategory offered by LGP_BA gives a superior representation of data.