Summary
Due to the increasing incidence of cyber attacks and heightened concerns about cyber terrorism, implementing effective intrusion detection and prevention systems (IDPSs) is an essential task for protecting both cyber security and physical security, because the operational control of various infrastructures depends heavily on networked computers.
Building effective intrusion detection systems (IDSs), unfortunately, has remained an elusive goal owing to the great technical challenges involved; and computational techniques are increasingly being utilized in attempts to overcome the difficulties. This chapter presents a comparative study of using support vector machines (SVMs), multivariate adaptive regression splines (MARSs) and linear genetic programs (LGPs) for intrusion detection. We investigate and compare the performance of IDSs based on the mentioned techniques, with respect to a well-known set of intrusion evaluation data.
We also address the related issue of ranking the importance of input features, which itself is a problem of great interest. Since elimination of the insignificant and/or useless inputs leads to a simplified problem and possibly faster and more accurate detection, feature selection is very important in intrusion detection. Experiments on current real-world problems of intrusion detection have been carried out to assess the effectiveness of this criterion. Results show that using significant features gives the most remarkable performance and performs consistently well over the intrusion detection data sets we used.
Copyright information
© 2005 Dr Sanghamitra Bandyopadhyay
About this chapter
Cite this chapter
Mukkamala, S., Sung, A.H. (2005). Significant Feature Selection Using Computational Intelligent Techniques for Intrusion Detection. In: Advanced Methods for Knowledge Discovery from Complex Data. Advanced Information and Knowledge Processing. Springer, London. https://doi.org/10.1007/1-84628-284-5_11
DOI: https://doi.org/10.1007/1-84628-284-5_11
Publisher Name: Springer, London
Print ISBN: 978-1-85233-989-0
Online ISBN: 978-1-84628-284-3
eBook Packages: Computer Science, Computer Science (R0)