research-article

Features selection approaches for intrusion detection systems based on evolution algorithms

Authors:

Mohammed El-Abed,

Fakhri KarrayAuthors Info & Claims

ICUIMC '13: Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication

Article No.: 10, Pages 1 - 5

https://doi.org/10.1145/2448556.2448566

Published: 17 January 2013 Publication History

Abstract

Intrusion Detection Systems (IDSs) deal with large amount of data containing irrelevant and redundant features, which leads to slow training and testing processes, heavy computational resources and low detection accuracy. Therefore, the features selection is an important issue in intrusion detection. In this paper, we investigate the use of evolution algorithms for features selection approach in IDS. We compared the performance of three feature selection algorithms: Genetic Algorithms (GAs), Particle Swarm Optimization (PSO) and Differential Evolution (DE) using KDD Cup 1999 dataset. Our results show that DE is clearly and consistently superior compared to GAs and PSO for feature selection problems, both in respect to classification accuracy as well as number of features.

References

[1]

H. Gao, H. Yang, X. Wang. Ant Colony Optimization Based Network Intrusion Feature Selection and Detection. The Fourth International Conference on Machine Learning and Cybernetics, Guangzhou, Page(s): 18--21, August 2005.

[2]

Surat Srinoy. Intrusion Detection Model Based On Particle Swarm Optimization and Support Vector Machine. The 2007 IEEE Symposium on Computational Intelligence in Security and Defense Applications (CISDA 2007), Page(s): 186--192, 1--5 April 2007.

[3]

http://jgap.sourceforge.net/doc/gaintro.html

[4]

http://www.doc.ic.ac.uk/~nd/surprise_96/journal/vol1/hmw/article1.html

[5]

http://www.swarmintelligence.org/tutorials.php

[6]

M. Settles, "An Introduction to Particle Swarm Optimization", November 2005.

[7]

X. Li, Particle Swarm Optimization, a tutorial prepared for GECCO'07, 2007.

[8]

P. Tillapart, Th. Thumthawatworn and P. Santiprabhob. Fuzzy Intrusion Detection System. AU J. T. 6(2): 109--114, October 2002.

[9]

Z. Jian, D. Yong, and G. Jian. Intrusion Detection System based on Fuzzy Default Logic. The 12^th IEEE International Conference on Fuzzy Systems, Page(s): 1350--1356 Vol. 2, May 2003.

[10]

M. Pillai, j. Eloff, and H. Venter. An Approach to Implement a Network Intrusion Detection System using Genetic Algorithms. ACM Proceedings of the 2004 annual research conference of the South African institute of computer scientists and information technologists on IT research in developing countries, Page(s): 221--221 Vol. 75, 2004.

Digital Library

[11]

Chittur. Model Generation for an Intrusion Detection System Using Genetic Algorithms, November 27, 2001.

[12]

W. Li. Using Genetic Algorithm for Network Intrusion Detection. Unpublished technical report. Department of Computer Science and Engineering, Mississippi State University. http://www.security.cse.msstate.edu/docs/Publications/wli/DOECSG2004.pdf.

[13]

J. Li, G. Zhang, and G. Gu. The Research and Implementation of Intelligent Intrusion Detection System Based on Artificial Neural Network. IEEE Proceedings of the Third International Conference on Machine Laming and Cybernetics, Shanghai, Page(s): 3178--3182 Vol. 5, August 2004.

[14]

C. Zhang, J. Jiang, and M. Kamel. Intrusion detection using hierarchical neural networks. Pattern Recognition Letters 26, Page(s): 779--791, 16 February 2004.

Digital Library

[15]

L. Silva, A. Santos, J. Silva, and A. Montes. A Neural Network Application for Attack Detection in Computer Networks. IEEE International Joint Conference on Neural Network, 25--29, Page(s): 1569--1574 Vol. 2, July 2004.

[16]

S. Mukkamala and A. Sung. Artificial Intelligent Techniques for Intrusion Detection. IEEE International Conference Systems, Man, and Cybernetics, 2003, Page(s): 1266--1271, 2003.

[17]

J. Mill and A. Tnoue. Support Vector Classifiers and Network Intrusion Detection. 2004 IEEE International Conference on Fuzzy Systems, Page(s): 407--410, 25--29 July 2004.

[18]

K. Li, H. Huang, Sh. Tian I, and W. Xu. Improving One-Class Svm For Anomaly Detection. The Second International Conference on Machine Learning and Cybernetics, Page(s): 3077--3081, 2--5 Nov. 2003.

[19]

Andrew H. Sung, Srinivas Mukkamala. Identifying Important Features for Intrusion Detection Using Support Vector Machines and Neural Networks. Symposium on Application and Internet (SAINT'03), Page(s): 209--216, 27--31 January 2003.

Digital Library

[20]

V. Golovko, L. Vaisekhovich, P. Kochurko and U. Rubanau. Dimensionality Reduction and Attack Recognition using Neural Network Approaches. International Joint Conference on Neural Networks, 2007, Page(s): 2734--2739, 12--17 August 2007.

[21]

Khaja Mohammad Shazzad, Jong Sou Park. Optimization of Intrusion Detection through Fast Hybrid Feature Selection. The Sixth International Conference on Parallel and Distributed Computing, Applications and Technologies, 2005, (PDCAT'05), Page(s): 264--267, 05--08 December 2005.

Digital Library

[22]

Hofmann, T. Horeis, and B. Sick. Feature Selection for Intrusion Detection: An Evolutionary Wrapper Approach. 2004 IEEE International Joint Conference on Neural Networks, Page(s): 1563--1568, 25--29 July 2004.

[23]

D. Kim, H. Nguyen, and J. Park. Genetic Algorithm to Improve SVM Based Network Intrusion Detection System. 19th International Conference on Advanced Information Networking and Applications, 2005 (AINA 2005), 2005 Page(s): 155--158, 28--30 March 2005.

Digital Library

[24]

Hofmann and B. Sick. Evolutionary Optimization of Radial Basis Function Networks for Intrusion Detection. The international Joint Conference on Neural Networks, Page(s): 415--420, 20--24 July 2003.

[25]

S. Mukkamala 1 and A. Sung. Feature Selection for Intrusion Detection using Neural Networks and Support Vector Machines. Technical Report.

[26]

Mukkamala, and A. Sung. Detecting Denial of Service Attacks Using Support Vector MachinesS. The 12th IEEE International Conference on Fuzzy Systems, 2003, Page(s): 1231--1236, 25--28 May 2003.

[27]

M. Hill, "An introduction to differential evolution Source", Book chapter: New ideas in optimization, pp. 79--108, 1999.

Digital Library

Cited By

Sharma ARani SDriss M(2024)Hybrid evolutionary machine learning model for advanced intrusion detection architecture for cyber threat identificationPLOS ONE10.1371/journal.pone.030820619:9(e0308206)Online publication date: 12-Sep-2024
https://doi.org/10.1371/journal.pone.0308206
Ghazi MGangodkar N(2024)Assessing the Efficacy of SVM Kernel Types for Detecting Generic Attacks in Cloud Environments: A Meta-Heuristic Perspective2024 OPJU International Technology Conference (OTCON) on Smart Computing for Innovation and Advancement in Industry 4.010.1109/OTCON60325.2024.10688176(1-6)Online publication date: 5-Jun-2024
https://doi.org/10.1109/OTCON60325.2024.10688176
Bhimavarapu U(2024)ERFLSTM: Enhanced regularization function in LSTM to assess feature importanceInternational Journal of System Assurance Engineering and Management10.1007/s13198-024-02552-z15:11(5389-5403)Online publication date: 16-Oct-2024
https://doi.org/10.1007/s13198-024-02552-z
Show More Cited By

Index Terms

Features selection approaches for intrusion detection systems based on evolution algorithms
1. Software and its engineering
  1. Software notations and tools
    1. General programming languages
      1. Language features

Recommendations

Features selection for intrusion detection systems based on support vector machines
CCNC'09: Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference

Intrusion detection systems (IDSs) deal with large amounts of data containing irrelevant and/or redundant features. These features result in a slow training and testing process, heavy computational resources, and low detection accuracy. Features ...
TCP/IP Model and Intrusion Detection Systems
WAINA '09: Proceedings of the 2009 International Conference on Advanced Information Networking and Applications Workshops

To accommodate the information security growth and hacker's improved strategies and tools, Intrusion Detection Systems (IDSs) are required to be allocated across the network. Furthermore, previous studies showed that the choice of network features used ...
Lightweight IDS Based on Features Selection and IDS Classification Scheme
CSE '09: Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03

The Intrusion Detection System (IDS) deals with huge amount of data which contains irrelevant and redundant features causing slow training and testing process, higher resource consumption as well as poor detection rate. To overcome these limitations, we ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ICUIMC '13: Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication

January 2013

772 pages

ISBN:9781450319584

DOI:10.1145/2448556

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGAPP: ACM Special Interest Group on Applied Computing
SKKU: SUNGKYUNKWAN UNIVERSITY

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 January 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ICUIMC '13

Sponsor:

SIGAPP
SKKU

ICUIMC '13: The 7th International Conference on Ubiquitous Information Management and Communication

January 17 - 19, 2013

Kota Kinabalu, Malaysia

Acceptance Rates

Overall Acceptance Rate 251 of 941 submissions, 27%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

16
Total Citations
View Citations
270
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)1

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Sharma ARani SDriss M(2024)Hybrid evolutionary machine learning model for advanced intrusion detection architecture for cyber threat identificationPLOS ONE10.1371/journal.pone.030820619:9(e0308206)Online publication date: 12-Sep-2024
https://doi.org/10.1371/journal.pone.0308206
Ghazi MGangodkar N(2024)Assessing the Efficacy of SVM Kernel Types for Detecting Generic Attacks in Cloud Environments: A Meta-Heuristic Perspective2024 OPJU International Technology Conference (OTCON) on Smart Computing for Innovation and Advancement in Industry 4.010.1109/OTCON60325.2024.10688176(1-6)Online publication date: 5-Jun-2024
https://doi.org/10.1109/OTCON60325.2024.10688176
Bhimavarapu U(2024)ERFLSTM: Enhanced regularization function in LSTM to assess feature importanceInternational Journal of System Assurance Engineering and Management10.1007/s13198-024-02552-z15:11(5389-5403)Online publication date: 16-Oct-2024
https://doi.org/10.1007/s13198-024-02552-z
Ghazi MRaghava N(2024)Detecting DoS Outbreaks in Cloud Environment Using Machine Learning Algorithms in Hadoop ClusterControl and Information Sciences10.1007/978-981-99-9554-7_13(177-188)Online publication date: 17-May-2024
https://doi.org/10.1007/978-981-99-9554-7_13
Karimi ZTorabi Z(2023)Enhancing kNN-Based Intrusion Detection with Differential Evolution with Auto-Enhanced Population Diversity2023 14th International Conference on Information and Knowledge Technology (IKT)10.1109/IKT62039.2023.10433038(129-135)Online publication date: 26-Dec-2023
https://doi.org/10.1109/IKT62039.2023.10433038
Nasir MKhan SKhan MFatima M(2022)Swarm Intelligence inspired Intrusion Detection Systems — A systematic literature reviewComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2021.108708205:COnline publication date: 14-Mar-2022
https://dl.acm.org/doi/10.1016/j.comnet.2021.108708
Deepa VRadha N(2021)A Survey on Network Intrusion System Attacks Classification Using Machine Learning TechniquesIOP Conference Series: Materials Science and Engineering10.1088/1757-899X/1022/1/0120361022:1(012036)Online publication date: 1-Jan-2021
https://doi.org/10.1088/1757-899X/1022/1/012036
Almomani O(2020)A Feature Selection Model for Network Intrusion Detection System Based on PSO, GWO, FFA and GA AlgorithmsSymmetry10.3390/sym1206104612:6(1046)Online publication date: 23-Jun-2020
https://doi.org/10.3390/sym12061046
Wang YMa YJin RLiu PRuan N(2020)Comprehensive Criteria-Based Generalized Steganalysis Feature Selection MethodIEEE Access10.1109/ACCESS.2020.30187098(154418-154435)Online publication date: 2020
https://doi.org/10.1109/ACCESS.2020.3018709
Htwe TKham N(2020)Protocol Random Forest Model to Enhance the Effectiveness of Intrusion Detection IdentificationInternational Conference on Innovative Computing and Communications10.1007/978-981-15-5148-2_15(169-178)Online publication date: 31-Jul-2020
https://doi.org/10.1007/978-981-15-5148-2_15
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten