
Significant Feature Selection Using Computational Intelligent Techniques for Intrusion Detection

  • Chapter
Advanced Methods for Knowledge Discovery from Complex Data

Part of the book series: Advanced Information and Knowledge Processing (AI&KP)

Summary

Due to the increasing incidence of cyber attacks and heightened concerns about cyber terrorism, implementing effective intrusion detection and prevention systems (IDPSs) is essential for protecting cyber security as well as physical security, because the operational control of various infrastructures depends heavily on networked computers.

Building effective intrusion detection systems (IDSs), unfortunately, has remained an elusive goal owing to the great technical challenges involved, and computational techniques are increasingly being used in attempts to overcome the difficulties. This chapter presents a comparative study of using support vector machines (SVMs), multivariate adaptive regression splines (MARSs) and linear genetic programs (LGPs) for intrusion detection. We investigate and compare the performance of IDSs based on these techniques, with respect to a well-known set of intrusion evaluation data.

We also address the related issue of ranking the importance of input features, which itself is a problem of great interest. Since elimination of the insignificant and/or useless inputs leads to a simplified problem and possibly faster and more accurate detection, feature selection is very important in intrusion detection. Experiments on current real-world problems of intrusion detection have been carried out to assess the effectiveness of this criterion. Results show that using significant features gives the most remarkable performance and performs consistently well over the intrusion detection data sets we used.



Copyright information

© 2005 Dr Sanghamitra Bandyopadhyay

About this chapter

Cite this chapter

Mukkamala, S., Sung, A.H. (2005). Significant Feature Selection Using Computational Intelligent Techniques for Intrusion Detection. In: Advanced Methods for Knowledge Discovery from Complex Data. Advanced Information and Knowledge Processing. Springer, London. https://doi.org/10.1007/1-84628-284-5_11


  • DOI: https://doi.org/10.1007/1-84628-284-5_11

  • Publisher Name: Springer, London

  • Print ISBN: 978-1-85233-989-0

  • Online ISBN: 978-1-84628-284-3

  • eBook Packages: Computer Science (R0)
