A Fusion of Feature Extraction and Feature Selection Technique for Network Intrusion Detection

Published on Aug 31, 2016in International journal of security and its applications
路 DOI :10.14257/IJSIA.2016.10.8.13
Yasir Hamid7
Estimated H-index: 7
(PEC: Pondicherry Engineering College),
M. Sugumaran7
Estimated H-index: 7
(PEC: Pondicherry Engineering College),
Ludovic Journaux10
Estimated H-index: 10
Source
Abstract
With varied and widespread attacks on information systems, intrusion detection systems (IDS) have become an indispensable part of security policy for protecting data. IDS monitor event logs and network traffic to uncover suspicious connections that deviate from the regular profile and identify them as threats or attacks. Like most of the cases the dataset used for intrusion detection i.e., KDD99 suffers two problems: imbalanced class distribution and curse of dimensionality. In this work SMOTE has been used for balancing the dataset and once balanced, Principal Component Analysis (PCA) has been used to extract the features. And after that on the transformed dataset Correlation based Feature Selection (CFS) is used to select a subset of important features. The reduced dimension dataset is tested with Support Vector Machines (SVM). Obtained results demonstrate improved detection accuracy, computational efficiency with minimal false alarms and less system resources utilization
馃摉 Papers frequently viewed together
2013UbiComp: Ubiquitous Computing
2016
References15
Newest
#1Yasir Hamid (PEC: Pondicherry Engineering College)H-Index: 7
#2M. SugumaranH-Index: 7
Last. V. R. BalasaraswathiH-Index: 1
view all 3 authors...
Source
#1Wei-Chao Lin (Hwa Hsia University of Technology)H-Index: 8
#2Shih-Wen Ke (CYCU: Chung Yuan Christian University)H-Index: 12
Last. Chih-Fong Tsai (NCU: National Central University)H-Index: 34
view all 3 authors...
Abstract The aim of an intrusion detection systems (IDS) is to detect various types of malicious network traffic and computer usage, which cannot be detected by a conventional firewall. Many IDS have been developed based on machine learning techniques. Specifically, advanced detection approaches created by combining or integrating multiple learning techniques have shown better detection performance than general single learning techniques. The feature representation method is an important pattern...
Source
Nov 15, 2013 in UbiComp (Ubiquitous Computing)
#1Abebe Tesfahun (Andhra University)H-Index: 3
#2D. Lalitha Bhaskari (Andhra University)H-Index: 7
Intrusion Detection Systems (IDS) have become crucial components in computer and network security. NSL-KDD intrusion detection dataset which is an enhanced version of KDDCUP'99 dataset was used as the experiment dataset in this paper. Because of inherent characteristics of intrusion detection, still there is huge imbalance between the classes in the NSL-KDD dataset, which makes harder to apply machine learning effectively in the area of intrusion detection. In dealing with class imbalance in thi...
Source
#1Shi-Jinn Horng (NTUST: National Taiwan University of Science and Technology)H-Index: 35
#2Ming-Yang Su (MCU: Ming Chuan University)H-Index: 3
Last. Citra Dwi Perkasa (NTUST: National Taiwan University of Science and Technology)H-Index: 1
view all 7 authors...
This study proposed an SVM-based intrusion detection system, which combines a hierarchical clustering algorithm, a simple feature selection procedure, and the SVM technique. The hierarchical clustering algorithm provided the SVM with fewer, abstracted, and higher-qualified training instances that are derived from the KDD Cup 1999 training set. It was able to greatly shorten the training time, but also improve the performance of resultant SVM. The simple feature selection procedure was applied to...
Source
#1John Aldo LeeH-Index: 52
#2Michel VerleysenH-Index: 61
Methods of dimensionality reduction provide a way to understand and visualize the structure of complex data sets. Traditional methods like principal component analysis and classical metric multidimensional scaling suffer from being based on linear models. Until recently, very few methods were able to reduce the data dimensionality in a nonlinear way. However, since the late nineties, many new methods have been developed and nonlinear dimensionality reduction, also called manifold learning, has b...
#1Ian T. Jolliffe (Aberd.: University of Aberdeen)H-Index: 41
When large multivariate datasets are analyzed, it is often desirable to reduce their dimensionality. Principal component analysis is one technique for doing this. It replaces the p original variables by a smaller number, q, of derived variables, the principal components, which are linear combinations of the original variables. Often, it is possible to retain most of the variability in the original variables with q very much smaller than p. Despite its apparent simplicity, principal component ana...
Source
#1Xin Xu (National University of Defense Technology)H-Index: 5
#2Xuening Wang (National University of Defense Technology)H-Index: 1
Network intrusion detection is an important technique in computer security. However, the performance of existing intrusion detection systems (IDSs) is unsatisfactory since new attacks are constantly developed and the speed of network traffic volumes increases fast. To improve the performance of IDSs both in accuracy and speed, this paper proposes a novel adaptive intrusion detection method based on principal component analysis (PCA) and support vector machines (SVMs). By making use of PCA, the d...
Source
Variable and feature selection have become the focus of much research in areas of application for which datasets with tens or hundreds of thousands of variables are available. These areas include text processing of internet documents, gene expression array analysis, and combinatorial chemistry. The objective of variable selection is three-fold: improving the prediction performance of the predictors, providing faster and more cost-effective predictors, and providing a better understanding of the ...
Source
#1Srinivas MukkamalaH-Index: 26
Last. Andrew H. SungH-Index: 39
view all 3 authors...
Information security is an issue of serious global concern. The complexity, accessibility, and openness of the Internet have served to increase the security risk of information systems tremendously. This paper concerns intrusion detection. We describe approaches to intrusion detection using neural networks and support vector machines. The key ideas are to discover useful patterns or features that describe user behavior on a system, and use the set of relevant features to build classifiers that c...
Source
#1Stefan Axelsson (Chalmers University of Technology)H-Index: 14
This paper presents a taxonomy of intrusion detection systems that is then used to survey and classify a number of research prototypes. The taxonomy consists of a classification first of the detection principle, and second of certain operational aspects of the intrusion detection system as such. The systems are also grouped according to the increasing difficulty of the problem they attempt to address. These classifications are used predictively, pointing towards a number of areas of future resea...
Cited By9
Newest
#1Pankaj Kumar Keserwani (National Institute of Technology Sikkim)H-Index: 3
#2Mahesh Chandra Govil (National Institute of Technology Sikkim)H-Index: 12
Last. Prajjval Govil (JK Lakshmipat University)H-Index: 1
view all 4 authors...
The Internet of Things (IoT) is adding the advancement in the technology for creating smart environments to facilitate humans for various works. The technological developments provide many comfort and opportunities to the businesses and open the doors for the intruders or attackers to explore and exploit various attacks to evade the IoT networks鈥 security. Hence, security and privacy are the key anxiety to the IoT network model. Protection of computer and IoT networks from various types of attac...
Source
#2Neha Gupta (Dept. of Computer Science, University of Delhi)H-Index: 5
Network-based Intrusion Detection Systems (NIDSs) identify malicious activities by analyzing network traffic. NIDSs are trained with the samples of benign and intrusive network traffic. Training samples belong to either majority or minority classes depending upon the number of available instances. Majority classes consist of abundant samples for the normal traffic as well as for recurrent intrusions. Whereas, minority classes include fewer samples for unknown events or infrequent intrusions. NID...
Source
#1Sharipuddin (Sriwijaya University)H-Index: 1
#2Benni Purnama (Sriwijaya University)H-Index: 3
Last. Rahmat Budiarto (Al Baha University)H-Index: 13
view all 8 authors...
Feature extraction solves the problem of finding the most efficient and comprehensive set of features. A Principle Component Analysis (PCA) feature extraction algorithm is applied to optimize the effectiveness of feature extraction to build an effective intrusion detection method. This paper uses the Principal Components Analysis (PCA) for features extraction on intrusion detection system with the aim to improve the accuracy and precision of the detection. The impact of features extraction to at...
Source
#1Yasir Hamid (PEC: Pondicherry Engineering College)H-Index: 7
#2M. Sugumaran (PEC: Pondicherry Engineering College)H-Index: 7
With the increased dependence on the internet for day to day activities, the need to keep the networks secure has become more vital. The quest of securing the computer systems and networks, from the users with destructive mindset, has resulted in the invention of surfeit devices and methods. One such method against whom the responsibility of discriminating between normal and harmful data, flowing on the network is, intrusion detection system (IDS). In this work an IDS model based on support vect...
Source
#1Yasir Hamid (PEC: Pondicherry Engineering College)H-Index: 7
#2Firdous A. Shah (University of Kashmir)H-Index: 13
Last. M. Sugumaran (PEC: Pondicherry Engineering College)H-Index: 7
view all 3 authors...
Network Intrusion Detection is the process of analyzing the network traffic so as to unearth any unsafe and possibly disastrous exchanges happening over the network. In the nature of guaranteeing the confidentiality, availability, and integrity of any networking system, the accurate and speedy classification of the transactions becomes indispensable. The potential problem of all the Intrusion Detection System models at the moment, are lower detection rate for less frequent attack groups, and a h...
Source
Network Intrusion Detection is the process of monitoring the events occurring in a computer system or the network and analyzing them for the signs of possible intrusions. An intrusion is a potentially harmful activity of malicious user, aimed at compromising the confidentiality, availability and integrity of the system. Over the decades intrusion detection (ID) problem has been visited by the researchers in various available environments like finite state automata, rule based systems, Markov pro...
Source
#1Alberto Fern谩ndez (UGR: University of Granada)H-Index: 55
#2Salvador Garc铆a (UGR: University of Granada)H-Index: 55
Last. Nitesh V. Chawla (ND: University of Notre Dame)H-Index: 69
view all 4 authors...
The Synthetic Minority Oversampling Technique (SMOTE) preprocessing algorithm is considered "de facto" standard in the framework of learning from imbalanced data. This is due to its simplicity in the design of the procedure, as well as its robustness when applied to different type of problems. Since its publication in 2002, SMOTE has proven successful in a variety of applications from several different domains. SMOTE has also inspired several approaches to counter the issue of class imbalance, a...
Source
#1Leena Mary Francis (PEC: Pondicherry Engineering College)H-Index: 2
#2N. Sreenath (PEC: Pondicherry Engineering College)H-Index: 9
Abstract Text detection from the natural scene is considered to be a challenging problem due to the complex background, varied light intensity at different locations, a large variety of colors, diverse font style and size. This paper focusses on detecting candidate text objects from the scene. The image is initially preprocessed to remove the noise and enhance the contrast. Then the various objects of the scene are marked and extracted forming a pool of objects. A set of candidate text objects a...
Source
This website uses cookies.
We use cookies to improve your online experience. By continuing to use our website we assume you agree to the placement of these cookies.
To learn more, you can find in our Privacy Policy.