An Approach for Optimizing Ensemble Intrusion Detection Systems

Published on Jan 1, 2021in IEEE Access3.367
路 DOI :10.1109/ACCESS.2020.3046246
Deris Stiawan10
Estimated H-index: 10
,
Ahmad Heryanto3
Estimated H-index: 3
+ 7 AuthorsRahmat Budiarto13
Estimated H-index: 13
Sources
Abstract
Intrusion Detection System is yet an interesting research topic. With a very large amount of traffic in real-time networks, feature selection techniques that are effectively able to find important and relevant features are required. Hence, the most important and relevant set of features is the key to improve the performance of intrusion detection system. This study aims to find the best relevant selected features that can be used as important features in a new IDS dataset. To achieve the aim, an approach for generating optimized ensemble IDS is developed. Six features selection methods are used and compared, i.e.: Information Gain (IG), Gain Ratio (GR), Symmetrical Uncertainty (SU), Relief-F (R-F), One-R (OR) and Chi-Square (CS). The feature selection techniques produce sets of selected features. Each best selected number of features that are obtained from feature ranking step for respective feature selection technique will be used to classify attacks via four classification methods, i.e.: Bayesian Network (BN), Naive Bayesian (NB), Decision Tree: J48 and SOM. Then, each feature selection technique with its respective best features is combined with each classifier method to generate ensemble IDSs. Lastly, the ensemble IDSs are evaluated using Hold-up, K-fold validation approaches, as well as F-Measure and statistical validation approaches. Experimental results using Weka tools on ITD-UTM dataset show the optimized ensemble IDSs using (SU and BN); using (CS and BN) or (CS and SOM) or (IG and NB); and using (OR and BN) with respective ten, four and seven best selected features achieves 81.0316%, 85.2593%, and 80.8625% of accuracy, respectively. In addition, ensemble IDSs using (SU and BN) and using (OR and J48) with ten and six best respective selected features, perform the best F-measure value, i.e.: 0.853 and 0.830, respectively. Indirect comparison with other ensemble IDS on different dataset is discussed.
馃摉 Papers frequently viewed together
2020
1 Author (S R Khonde)
2002
References63
Newest
#1KurniabudiH-Index: 2
#2Deris StiawanH-Index: 10
Last. Rahmat BudiartoH-Index: 13
view all 6 authors...
Feature selection (FS) is one of the important tasks of data preprocessing in data analytics. The data with a large number of features will affect the computational complexity, increase a huge amount of resource usage and time consumption for data analytics. The objective of this study is to analyze relevant and significant features of huge network traffic to be used to improve the accuracy of traffic anomaly detection and to decrease its execution time. Information Gain is the most feature sele...
Source
#1Yuyang Zhou (SEU: Southeast University)H-Index: 4
#2Guang Cheng (SEU: Southeast University)H-Index: 7
Last. Mian Dai (SEU: Southeast University)H-Index: 1
view all 4 authors...
Abstract Intrusion detection system (IDS) is one of extensively used techniques in a network topology to safeguard the integrity and availability of sensitive assets in the protected systems. Although many supervised and unsupervised learning approaches from the field of machine learning have been used to increase the efficacy of IDSs, it is still a problem for existing intrusion detection algorithms to achieve good performance. First, lots of redundant and irrelevant data in high-dimensional da...
Source
#1Rania A. Ghazy (University of Sadat City)H-Index: 5
#2El-Sayed M. El-Rabaie (Menoufia University)H-Index: 12
Last. Fathi E. Abd El-Samie (Menoufia University)H-Index: 24
view all 5 authors...
This paper investigates the performance of different feature selection techniques such as ranking and subset-based techniques, aiming to find the optimum collection of features to detect attacks with an appropriate classifier. The results reveal that more accuracy of detection and less false alarms are obtained after eliminating the redundant features and determining the most useful set of features, which increases the intrusion detection system (IDS) performance.
Source
#1Stuart Russell (University of California, Berkeley)H-Index: 74
#2Peter Norvig (SC: University of Southern California)H-Index: 24
The long-anticipated revision of this #1 selling book offers the most comprehensive, state of the art introduction to the theory and practice of artificial intelligence for modern applications. Intelligent Agents. Solving Problems by Searching. Informed Search Methods. Game Playing. Agents that Reason Logically. First-order Logic. Building a Knowledge Base. Inference in First-Order Logic. Logical Reasoning Systems. Practical Planning. Planning and Acting. Uncertainty. Probabilistic Reasoning Sys...
#1Deris StiawanH-Index: 1
Network intrusion detection research null is null one of null the major field in network security. It motivates a large number of researchers doing null research in this area to deal with the dynamic changes of intrusion techniques used. Unfortunately, the number of intrusion datasets that are publicly available are very limited. In most cases organization will not allow the data to become public for intrusion detection evaluation due to protecting their privacy. On the other hand, producing syn...
#1Ver贸nica Bol贸n-Canedo (University of A Coru帽a)H-Index: 26
#2Amparo Alonso-Betanzos (University of A Coru帽a)H-Index: 30
Abstract Ensemble learning is a prolific field in Machine Learning since it is based on the assumption that combining the output of multiple models is better than using a single model, and it usually provides good results. Normally, it has been commonly employed for classification, but it can be used to improve other disciplines such as feature selection. Feature selection consists of selecting the relevant features for a problem and discard those irrelevant or redundant, with the main goal of i...
Source
Machine learning has more and more effect on our every day鈥檚 life. This field keeps growing and expanding into new areas. Machine learning is based on the implementation of artificial intelligence that gives systems the capability to automatically learn and enhance from experiments without being explicitly programmed. Machine Learning algorithms apply mathematical equations to analyze datasets and predict values based on the dataset. In the field of cybersecurity, machine learning algorithms can...
Source
#1Yi LiuH-Index: 2
#2Yanzhen WangH-Index: 2
Last. Xingchun DiaoH-Index: 1
view all 5 authors...
Imbalanced data are very common in the real world, and it may deteriorate the performance of the conventional classification algorithms. In order to resolve the imbalanced classification problems, we propose an ensemble classification method that combines evolutionary under-sampling and feature selection. We employ the Bootstrap method in original data to generate many sample subsets. V-statistic is developed to measure the distribution of imbalanced data, and it is also taken as the optimiza...
Source
#1I. Sumaiya Thaseen (VIT University)H-Index: 8
#2Ch. Aswani Kumar (VIT University)H-Index: 15
Last. Amir Ahmad (College of Information Technology)H-Index: 17
view all 3 authors...
Intrusion detection system is a device or software application that monitors a network of systems to identify any malicious activity or policy violations. In order to identify intrusions or normal activity, IDS would consider different network-related features such as source address, protocol and flag. The major challenge for any intrusion detection model is to achieve maximum accuracy with minimal false alarms. The aim of this paper is to identify the critical features required in the construct...
Source
#1Arijit Chandra (Amity University)H-Index: 2
#2Sunil Kumar Khatri (Amity University)H-Index: 11
Last. Rajbala Simon (Amity University)H-Index: 4
view all 3 authors...
Intrusion Detection Systems (IDS) are administered by analysts for analysing system logs or data packets to predict malware in the network traffic. IDS automate this process for continuously increasing data in the network by using techniques based on machine learning and artificial intelligence, enabling packet detection without much human effort or intervention. Using machine learning to develop such systems can greatly influence delivering accurate and faster results with complex and intricate...
Source
Cited By2
Newest
Nowadays, it became difficult to ensure data security because of the rapid development of information technology according to the Vs of Big Data. To secure a network against malicious activities and to ensure data protection, an intrusion detection system played a very important role. The main objective was to obtain a high-performance solution capable of detecting different types of attacks around the system. The main aim of this paper is to study the lacks of traditional and open source Intrus...
Source
Ever since the internet became part of the everyday lives of humans providing network security has been considered of utmost importance. Over the years lot of time and energy has been devoted by people in the research community and industry to provide better, improved and secure mechanisms to ensure secure communications on the internet. Amongst the many fields of study, the most prominent and ever evolving one has been the study of network traffic for attack detection and mitigation. The advent...
Source
This website uses cookies.
We use cookies to improve your online experience. By continuing to use our website we assume you agree to the placement of these cookies.
To learn more, you can find in our Privacy Policy.