International Journal of Computer Network and Information Security (IJCNIS)
IJCNIS Vol. 11, No. 8, 8 Aug. 2019
Cover page and Table of Contents: PDF (size: 860KB)
Data Mining based Framework for Effective Intrusion Detection using Hybrid Feature Selection Approach
Full Text (PDF, 860KB), PP.1-12
Views: 0 Downloads: 0
Author(s)
Index Terms
Mutual Information, Linear Correlation Coefficient, Feature Selection, KDD-cup-99, UNSW-NB15
Abstract
Building strong IDS is essential in today’s network traffic environment, feature reduction is one approach in constructing the effective IDS system by selecting the most relevant features in detecting most known and unknown attacks. In this work, proposing the hybrid feature selection method by combining Mutual Information and Linear Correlation Coefficient techniques (MI-LCC) in producing the most efficient and optimized feature subset. Support Vector Machine (SVM) classification technique being used in accurately classifying the traffic data into normal and malicious records. The proposed framework shall be evaluated with the standard benchmarked datasets including KDD-Cup-99, NSL-KDD, and UNSW-NB15 datasets. The test results, comparison analysis and reference graphs shows that the proposed feature selection model produces optimized and most important features set for classifier to achieve stated accuracy and less false positive rate compared with other similar techniques.
Cite This Paper
B.A. Manjunatha, Prasanta Gogoi, M. T. Akkalappa, "Data Mining based Framework for Effective Intrusion Detection using Hybrid Feature Selection Approach", International Journal of Computer Network and Information Security(IJCNIS), Vol.11, No.8, pp.1-12, 2019.DOI:10.5815/ijcnis.2019.08.01
Reference
[1]M.A Ambusaidi, P. Nanda, “Building an intrusion detection system using a filter-based feature selection algorithm”, IEEE Transactions on Computers, 65(10): pp. 2986 – 2998, 2016.
[2]B. Mazhar Tayel and S. K. Mohamedeen, “Study of hybrid intrusion detection system”, International Conference on Innovative Trends in Computer Engineering (ITCE), pp.115 – 121, 2018.
[3]R. Battiti, “Using mutual information for selecting features in supervised neural net learning”, IEEE Transactions on Neural Networks, Issue. 5, Vol. 4, pp. 537–550, 1994.
[4]N. Kwak and. C. H. Choi, “Input feature selection for classification problems”, IEEE TRANSACTIONS ON NEURAL NETWORKS, 13(1):143-159, 2002.
[5]M. B. Shirzad and M. R. Keyvanpour, “A feature selection method based on minimum redundancy maximum relevance for learning to rank”, AI and Robotics (IRANOPEN), pp.1-5, 2015.
[6]S. SobinSoniya and S.M.C Vigila, “Intrusion detection system: Classification and techniques”, International Conference on Circuit, Power and Computing Technologies [ICCPCT], pp. 1-7, 2016.
[7]T. Janarthanan and S. Zargari, “Feature selection in unsw-nb15 and kddcup’99 datasets”, IEEE 26th International Symposium on Industrial Electronics (ISIE), pp. 1881-1886, 2017.
[8]N. Moustafa and J. Slay, “ The significant features of the UNSW-NB15 and the KDD99 data sets for Network Intrusion Detection Systems” , 25-31, 2015.
[9]W. Gao, L. Hu, and P. Zhang, “Class-specific mutual information variation for feature selection”, Pattern Recognition, Issue. 79, pp. 328-339, 2018.
[10]Canadian Institute for Cybersecurity, Nsl kdd dataset http://www.unb.ca/cic/datasets/nsl.html,
[11]Z. Stefanova and K. Ramachandran, “Network attribute selection, classification and accuracy (nasca) procedure for intrusion detection systems”, IEEE International Symposium on Technologies for Homeland Security (HST), pp. 1-7, 2017.
[12]M. Bennasar, YuliaHicks, and R. Setchi, “Feature selection using joint mutual information maximization”, Expert Systems with Applications, Issue. 42, Vol. 22, pp. 8520-8532, 2015.
[13]S. Kumara, A. Viinikaineny, and T. Hamalainenz, “Machine learning classification model for network based intrusion detection system”, 11th International Conference for Internet Technology and Secured Transactions (ICITST), 242-249, 2017.
[14]N. Hoque, D. K. Bhattacharyya, and J. K. Kalita, “A mutual information-based feature selection method”, Expert Systems with Applications, Issue. 41, Vol.14, pp. 6371-6385, 2014.
[15]B. Seijo-Pardo, I. Porto-Díaz, V. Bolón-Canedo, and A. Alonso-Betanzos, “Ensemble feature selection: Homogeneous and heterogeneous approaches, Knowledge-Based Systems, 118: pp. 124-139, 2017.
[16]H. Nkiama, S.Z.M Said, and M. Saidu’s, “A subset feature elimination mechanism for intrusion detection system”, (IJACSA) International Journal of Advanced Computer Science and Applications, 7(4), 2016.
[17]H. Lu, J. Chen, “A hybrid feature selection algorithm for gene expression data classification”, Neurocomputing, 256: 56–52, 2017.
[18]F. Amiri, M. M. R. Yousefi, A. CaroLucas, Shakery, and NasserYazdani, “Mutual information-based feature selection for intrusion detection systems”, Journal of Network and Computer Applications, Isssue. 34, Vol. 4, pp. 1184-1199, 2011.
[19]M. A. Ambusaidi, X. Upasana, “A novel feature selection approach for intrusion detection data classification”, International Conference on Trust, Security and Privacy in Computing and Communications, IEEE, Electronic ISBN: 978-1-4799-6513-7, 2014.
[20]M. S. Pervez and D. M. Farid, D. M, “Feature selection and intrusion classification in nslkdd cup 99 dataset employing svms”, The 8th International Conference on Software Knowledge Information Management and Applications (SKIMA 2014), 1–6, 2014.
[21]http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html, Kddcup99 public dataset.
[22]https://www.unsw.adfa.edu.au/unsw-canberracyber/ cybersecurity/ adfa-nb15-datasets/