Particle swarm optimization and feature selection for intrusion detection system

Abstract

The network traffic in the intrusion detection system (IDS) has unpredictable behaviour due to the high computational power. The complexity of the system increases; thus, it is required to investigate the enormous number of features. However, the features that are inappropriate and (or) have some noisy data severely affect the performance of the IDSs. In this study, we have performed feature selection (FS) through a random forest algorithm for reducing irrelevant attributes. It makes the underlying task of intrusion detection effective and efficient. Later, a comparative study is carried through applying different classifiers, e.g., k Nearest Neighbour (k-NN), Support Vector Machine (SVM), Logistic Regression (LR), decision tree (DT) and Naive Bayes (NB) for measuring the different IDS metrics. The particle swarm optimization (PSO) algorithm was applied on the selective features of the NSL-KDD dataset, which cut down the false alarm rate and enhanced the detection rate and the accuracy of the IDS as compared with the mentioned state-of-the-art classifiers. This study includes the accuracy, precision, false-positive rate and the detection rate as performance metrics for the IDSs. The experimental results show low computational complexity, 99.32% efficiency and 99.26% detection rate on the selected features (=10) out of a complete set (= 41).

References

1. 1

   Aghdam M H and Kabiri P 2016 Feature selection for intrusion detection system using ant colony optimization. IJ Netw. Secur. 18(3): 420–432

2. 2

   Modi C, Patel D, Borisaniya B, Patel H, Patel A and Rajarajan M 2013 A survey of intrusion detection techniques in cloud. J. Netw. Comput. Appl. 36(1): 42–57

3. 3

   Myerson J M 2002 Identifying enterprise network vulnerabilities. Int. J. Netw. Manag. 12(3): 135–144

4. 4

   Liao H J, Lin C H R, Lin Y C and Tung K Y 2013 Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36(1): 16–24

5. 5

   Bhuyan M H, Bhattacharyya D K and Kalita J K 2014 Network anomaly detection: methods, systems and tools. IEEE Commun. Surv. Tutor. 16(1): 303–336

6. 6

   Teodoro P G, Verdejo J D, Fernandez G M and Vazquez E 2009 Anomaly-based network intrusion detection: techniques, systems and challenges. Comput. Secur. 28(2): 18–28

7. 7

   Sperotto A, Schaffrath G, Sadre R, Morariu C, Pras A and Stiller B 2010 An overview of ip flow-based intrusion detection. IEEE Commun. Surv. Tutor. 12(3): 343–356

8. 8

   Xue B, Zhang M and Browne W N 2013 Particle swarm optimization for feature selection in classification: a multi-objective approach. IEEE Trans. Cybern. 43(6): 1656–1671

9. 9

   Xue B, Zhang M and Browne W N 2014 Particle swarm optimisation for feature selection in classification: novel initialisation and updating mechanisms. Appl. Soft Comput. 18: 261–276

10. 10

    Yang H, Lyu M R and King I 2013 Efficient online learning for multitask feature selection. ACM Trans. Knowl. Discov. Data 7(2): 1–6

11. 11

    Dhanabal L and Shantharajah S P 2015 A study on NSL-KDD dataset for intrusion detection system based on classification algorithms. Int. J. Adv. Res. Comput. Commun. Eng. 4–6: 446–452

12. 12

    Tavallaee M, Bagheri E, Lu W and Ghorbani A A 2009 A detailed analysis of the KDD cup 99 data set. In: Proceedings of the IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6

13. 13

    Maza S and Touahria M 2019 Feature selection for intrusion detection using new multi-objective estimation of distribution algorithms. Appl. Intell. 49(1): 1–21

14. 14

    Alzubi Q M, Anbar M, Alqattan Z N M, Al-Betar M A and Abdullah R 2019 Intrusion detection system based on a modified binary grey wolf optimisation. Neural Comput. Appl., pp. 1–13

15. 15

    Ganapathy S, Kulothungan K, Muthurajkumar S, Vijayalakshmi M, Yogesh P and Kannan A 2013 Intelligent feature selection and classification techniques for intrusion detection in networks: a survey. EURASIP J. Wirel. Commun. Netw. 1: 242–255

16. 16

    Ahmad I and Amin F 2014 Towards feature subset selection in intrusion detection. In: Proceedings of the 7th IEEE Joint International Information Technology and Artificial Intelligence Conference, pp. 68–73

17. 17

    Franco E D L H, Garcia A O, Lopera J O, Correa E D L H and Palechor M F 2015 Implementation of an intrusion detection system based on self organizing map. J. Theor. Appl. Inf. Technol. 71(3): 324–334

18. 18

    Eesa A S, Orman Z and Brifcani A M A 2015 A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems. Expert Syst. Appl. 42(5): 2670–2679

19. 19

    Chebrolu S, Abraham A and Thomas J P 2005 Feature deduction and ensemble design of intrusion detection systems. Comput. Secur. 24(4): 295–307

20. 20

    Zhang L, Zhang G, Yu L, Zhang J and Bai Y 2004 Intrusion detection using rough set classification. J. Zhejiang Univ. Sci. A 5(9): 1076–1086

21. 21

    Deb K 1999 An introduction to genetic algorithms. Sadhana 24(5): 293–315

22. 22

    Kaushik S S and Deshmukh P R 2011 Detection of attacks in an intrusion detection system. Int. J. Comput. Sci. Inf. Technol. 2(3): 982–986

23. 23

    Tsai C F, Hsu Y F, Lin C Y and Lin W Y 2009 Intrusion detection by machine learning: a review. Expert Syst. Appl. 36(10): 11994–12000

24. 24

    Modi C and Patel D 2018 A feasible approach to intrusion detection in virtual network layer of cloud computing. Sadhana 43(7): 114

25. 25

    Seth J K and Chandra S 2016 Intrusion detection based on key feature selection using binary GWO. In: Proceedings of the 3rd International Conference on Computing for Sustainable Global Development (INDIACom), pp. 3735–3740

26. 26

    Mazini M, Shirazi B and Mahdavi I 2018 Anomaly network-based intrusion detection system using a reliable hybrid artificial bee colony and adaboost algorithms. J. King Saud Univ. Comput. Inf. Sci., pp. 541–553

27. 27

    Kumar M and Sharma A 2017 An integrated framework for software vulnerability detection, analysis and mitigation: an autonomic system. Sadhana 42(9): 1481–1493

28. 28

    Alzubi Q M, Anbar M, Alqattan Z N M, Al-Betar M A and Abdullah R 2019 Intrusion detection system based on a modified binary grey wolf optimisation. Neural Comput. Appl., pp. 1–13

29. 29

    Bharathy A M V and Basha A M 2017 A multi-class classification MCLP model with particle swarm optimization for network intrusion detection. Sadhana 42(5): 631–640

30. 30

    Xue Y, Xue B and Zhang M 2019 Self-adaptive particle swarm optimization for large-scale feature selection in classification. ACM Trans. Knowl. Discov. Data 13(5): 1–27

31. 31

    Bostani H and Sheikhan M 2017 Hybrid of binary gravitational search algorithm and mutual information for feature selection in intrusion detection systems. Soft. Comput. 21(9): 2307–2324

32. 32

    Sung A H and Mukkamala S 2003 Identifying important features for intrusion detection using support vector machines and neural networks. In: Proceedings of the Symposium on Applications and the Internet, pp. 209–216

33. 33

    Xue Y, Jia W, Zhao X and Pang W 2018 An evolutionary computation based feature selection method for intrusion detection. Secur. Commun. Netw., pp. 1–10

34. 34

    Wu Y, Hoi S C, Mei T and Yu N 2017 Large scale online feature selection for ultra-high dimensional sparse data. ACM Trans. Knowl. Discov. Data 11(4): 48

35. 35

    Yu K, Wu X, Ding W and Pei J 2016 Scalable and accurate online feature selection for big data. ACM Trans. Knowl. Discov. Data 11(2): 16

36. 36

    Yang X S 2010 Nature-inspired metaheuristic algorithms. Luniver Press, pp. 1–75

37. 37

    Zhang Y, Song X and Gong D 2017 A return cost-based binary firefly algorithm for feature selection. Inf. Sci. 418: 561–574

38. 38

    Bharti K K and Singh P K 2016 Opposition chaotic fitness mutation based adaptive inertia weight BPSO for feature selection in text clustering. Appl. Soft Comput. 43: 20–34

39. 39

    Zhang Y, Gong D, Hu Y and Zhang W 2015 Feature selection algorithm based on bare bones particle swarm optimization. Neurocomputing 148: 150–157

40. 40

    Xue B, Zhang M and Browne W N 2014 Particle swarm optimisation for feature selection in classification: novel initialisation and updating mechanisms. Appl. Soft Comput. 18: 261–276

41. 41

    Cortes C and Vapnik V 1995 Support-vector networks. Mach. Learn. 20(3): 273–297

42. 42

    Smola A J and Scholkopf B 2004 A tutorial on support vector regression. Stat. Comput. 14(3): 199–222

43. 43

    Zhang Y and Wang S 2015 Detection of Alzheimer’s disease by displacement field and machine learning. PeerJ 3: e1251

44. 44

    Pearl J 2014 Probabilistic reasoning in intelligent systems: networks of plausible inference. Elsevier, pp. 1–551

45. 45

    Zhang H 2004 The optimality of naive Bayes. AA 1(2): 1–6

46. 46

    Fukunage K and Narendra P M 1975 A branch and bound algorithm for computing k-nearest neighbors. IEEE Trans. Comput.  7: 750–753

47. 47

    Altman N S 1992 An introduction to kernel and nearest-neighbor nonparametric regression. Am. Stat. 46(3): 175–185

48. 48

    Safavian S R and Landgrebe D 1991 A survey of decision tree classifier methodology. IEEE Trans. Syst. Man Cybern. 21(3): 660–674

49. 49

    Hosmer Jr D W, Lemeshow S and Sturdivant R X 2013 Applied logistic regression. John Wiley & Sons, vol. 398, pp. 1–511

50. 50

    Liaw A, Wiener M 2002 Classification and regression by random forest. R News 2(3): 18–22

51. 51

    Zhang H and Singer B H 2010 Recursive partitioning and applications. Springer Science & Business Media, pp. 1–258.

52. 52

    Lorena A C, Jacintho L F, Siqueira M F, Giovanni R D, Lohmann L G, Carvalho A C D and Yamamoto M 2011 Comparing machine learning classifiers in potential distribution modelling. Expert Syst. Appl. 38(5): 5268–5275

53. 53

    Breiman L 2001 Random forests. Mach. Learn. 45(1): 5–32

54. 54

    Cutler A, Cutler D R and Stevens J R 2012 Random forests. Ensemble Mach. Learn. 45(1): 157–175

55. 55

    Kennedy J 2006 Swarm intelligence. In: Handbook of Nature-inspired and Innovative Computing, pp. 187–219

56. 56

    Bonabeau E, Marco D R D F, Dorigo M and Theraulaz G 1999 Swarm intelligence: from natural to artificial systems. Oxford University Press, vol. 1, pp. 1–320

57. 57

    Kennedy J 2010 Particle swarm optimization. In: Encyclopedia of Machine Learning, pp. 760–766

58. 58

    Zhang Y, Wang S and Ji G 2015 A comprehensive survey on particle swarm optimization algorithm and its applications. Math. Probl. Eng., pp. 1–39

59. 59

    Mirjalili S, Wang G G and Coelho L S 2014 Binary optimization using hybrid particle swarm optimization and gravitational search algorithm. Neural Comput. Appl. 25(6): 1423–1435

60. 60

    Kumar D and Ramakrishnan A G 2016 Binary classification posed as a quadratically constrained quadratic programming and solved using particle swarm optimization. Sadhana 41(3): 289–298

61. 61

    Singh P, Verma A and Chaudhari N S 2015 Feature selection based classifier combination approach for handwritten devanagari numeral recognition. Sadhana 40(6): 1701–1714

62. 62

    Dash M and Liu H 1997 Feature selection for classification. Intell. Data Anal. 1(4): 131–156

63. 63

    Elngar A, Mohamed D and Ghaleb F 2013 A real-time anomaly network intrusion detection system with high accuracy. Inf. Sci. Lett. 2(2): 49–56

64. 64

    Ren J, Guo J, Qian W, Yuan H, Hao X and Jingjing H 2019 Building an effective intrusion detection system by using hybrid data optimization based on machine learning algorithms. Secur. Commun. Netw.s, pp. 1–12

65. 65

    Gudise V G and Venayagamoorthy G K 2003 Comparison of particle swarm optimization and backpropagation as training algorithms for neural networks. In: Proceedings of the IEEE Swarm Intelligence Symposium, SIS03, pp. 110–117

66. 66

    Sierra M R and Coello C A C 2006 Multiobjective particle swarm optimizers: a survey of the state-of-the-art. Int. J. Comput. Intell. Res. 2(3): 287–308

67. 67

    Robinson R and Samii Y R 2004 Particle swarm optimization in electromagnetics. IEEE Trans. Antennas Propag. 52(2): 397–407

68. 68

    Abdmouleh Z, Gastli A, Brahim L B, Haouari M and Al-Emadi N A 2017 Review of optimization techniques applied for the integration of distributed generation from renewable energy sources. Renew. Energy 113: 266–280

69. 69

    Wang Z, Zhang Q and Zhang D 2007 A PSO based web document classification algorithm. In: Proceedings of the Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD 2007), vol. 3, pp. 659–664