Abstract
Intrusion detection systems detect attacks inside computers and networks, where the detection of the attacks must be in fast time and high rate. Various methods proposed achieved high detection rate, this was done either by improving the algorithm or hybridizing with another algorithm. However, they are suffering from the time, especially after the improvement of the algorithm and dealing with large traffic data. On the other hand, past researches have been successfully applied to the DNA sequences detection approaches for intrusion detection system; the achieved detection rate results were very low, on other hand, the processing time was fast. Also, feature selection used to reduce the computation and complexity lead to speed up the system. A new features selection method is proposed based on DNA encoding and on DNA keys positions. The current system has three phases, the first phase, is called pre-processing phase, which is used to extract the keys and their positions, the second phase is training phase; the main goal of this phase is to select features based on the key positions that gained from pre-processing phase, and the third phase is the testing phase, which classified the network traffic records as either normal or attack by using specific features. The performance is calculated based on the detection rate, false alarm rate, accuracy, and also on the time that include both encoding time and matching time. All these results are based on using two or three keys, and it is evaluated by using two datasets, namely, KDD Cup 99, and NSL-KDD. The achieved detection rate, false alarm rate, accuracy, encoding time, and matching time for all corrected KDD Cup records (311,029 records) by using two and three keys are equal to 96.97, 33.67, 91%, 325, 13 s, and 92.74, 7.41, 92.71%, 325 and 20 s, respectively. The results for detection rate, false alarm rate, accuracy, encoding time, and matching time for all NSL-KDD records (22,544 records) by using two and three keys are equal to 89.34, 28.94, 81.46%, 20, 1 s and 82.93, 11.40, 85.37%, 20 and 1 s, respectively. The proposed system is evaluated and compared with previous systems and these comparisons are done based on encoding time and matching time. The outcomes showed that the detection results of the present system are faster than the previous ones.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Mulay SA, Devale PR, Garje GV (2010) Intrusion detection system using support vector machine and decision tree. Int J Comput Appl 3(3):40–43
Liu H, Yu L (2005) Towards integrating feature selection algorithms for classification and clustering. IEEE Trans Knowl Data Eng 17(4):491–502
Soram R, Khomdram M (2010) Biometric DNA and ECDLP based personal authentication system: a superior posse of security. Int J Comput Sci Netw Secur 10(1):1–9
John GH, Kohavi R, Pfleger K (1994) Irrelevant features and the subset selection problem. In: Proceeding of the 11th international conference on machine learning, Morgan Kaufmann Publishers, pp 121–129
Xian J, Peiyu L, Wei G, Xuezhi C (2011) An algorithm application in intrusion forensics based on improved information gain. In: Web Society (SWS), 3rd symposium on date of conference, pp 100–104
Zhang F, Wang D (2013) An effective feature selection approach for network intrusion detection. In: 2013 IEEE eighth international conference on networking, architecture and storage, Xi’an, China, 17–19 July 2013
Eesa A, Orman Z, Brifcani A (2014) A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems. Expert Syst Appl 42(5):2670–2679
Othman ZA, Abu Bakar A, Etubal I (2010) Improving signature detection classification model using features selection based on customized features. In: 2010 10th International conference on intelligent systems design and applications, pp 1026–1031
Enache A, Sgarciu V (2015) A feature selection approach implemented with the binary bat algorithm applied for intrusion detection. In: 2015 38th International conference on telecommunications and signal processing (TSP), pp 11–15
Sindhu SS, Geetha S, Kannan A (2012) Decision tree based light weight intrusion detection using a wrapper approach. Expert Syst Appl 39(1):129–141
Al-Jarrah OY, Siddiqui A, Elsalamouny M, Yoo PD, Muhaidat S, Kim K (2014) Machine-learning-based feature selection techniques for large-scale network intrusion detection. In: 2014 IEEE 34th international conference on distributed computing systems workshops, pp 177–181
Gharaee H, Hosseinvand H (2016) A new feature selection IDS based on genetic algorithm and SVM. In: 2016 8th International symposium on telecommunications
Ullah I, Mahmoud QH (2017) A filter-based feature selection model for anomaly-based intrusion detection systems. In: 2017 IEEE international conference on big data
Yusof AR, Udzir NI, Selamat A, Hamdan H, Abdullah M (2017) Adaptive feature selection for denial of services (DoS) attack. In: 2017 IEEE conference on application, information and network security
Anwer HM, Farouk M, Abdel-Hamid M (2018) A framework for efficient network anomaly intrusion detection with features selection. In: 2018 9th International conference on information and communication systems
Wu S, Benzhaf W (2010) The use of computation intelligence in intrusion detection systems. Appl Soft Comput 10(1):1–35
Amiri F, Yousefi MR, Lucas C, Shakery A, Yazdni N (2011) Mutual information-based feature selection for intrusion detection systems. J Netw Comput Appl 34:1184–1199
Acknowledgements
This research was supported by FRGS grant (FRGS/1/2016/ICT02/UKM/02/8), funded by Ministry of Higher Education.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Rashid, O.F., Othman, Z.A., Zainudin, S. (2019). Features Selection for Intrusion Detection System Based on DNA Encoding. In: Piuri, V., Balas, V., Borah, S., Syed Ahmad, S. (eds) Intelligent and Interactive Computing. Lecture Notes in Networks and Systems, vol 67. Springer, Singapore. https://doi.org/10.1007/978-981-13-6031-2_23
Download citation
DOI: https://doi.org/10.1007/978-981-13-6031-2_23
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-6030-5
Online ISBN: 978-981-13-6031-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)