Skip to main content
SpringerLink
Log in

Feature Weighting and Selection for a Real-Time Network Intrusion Detection System Based on GA with KNN

  • Conference paper
Intelligence and Security Informatics (ISI 2008)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 5075))

Included in the following conference series:

Abstract

A good feature selection policy which can choose significant and as less as possible features plays a key role for any successful NIDS. The paper presents a genetic algorithm combined with kNN (k-Nearest Neighbor) for feature weighting. We weight all initial 35 features in the training phase and then select tops of them to implement a NIDS for testing. Many DoS/DDoS attacks are applied to evaluate the system. For known attacks we can get the best 97.42% overall accuracy rate while only the top 19 features are considered; as for unknown attacks, we can get the best 78% overall accuracy rate by top 28 features.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Middlemiss, M.J., Dick, G.: Weighted Feature Extraction using a Genetic Algorithm for Intrusion Detection. In: Proceedings of the Evolutionary Computation, vol. 3, pp. 1669–1675 (2003)

    Google Scholar 

  2. Hofman, A., Horeis, T., Sick, B.: Feature Selection for Intrusion Detection: An Evolutionary Wrapper Approach. In: Proceedings of the IEEE Neural Networks, vol. 2, pp. 1563–1568 (2004)

    Google Scholar 

  3. Sung, A.H., Mukkamala, S.: Identifying Important Features for Intrusion Detection Using Support Vector Machines and Neural Networks. In: Proceedings of the IEEE Symposium on Applications and the Internet, pp. 209–216 (2003)

    Google Scholar 

  4. Abbes, T., Bouhoula, A., Rusinowitch, M.: Protocol Analysis in Intrusion Detection Using Decision Tree. In: Proceedings of the IEEE Conference on Information Technology: Coding and Computing, pp. 404–409 (2004)

    Google Scholar 

  5. Lee, C.H., Chung, J.W., Shin, S.W.: Network Intrusion Detection Through Genetic Feature Selection. In: Proceedings of the IEEE Conference on Software Engineering, Artifical Intelligence, Networking, and Parallel/Distributed Computind (SNPD), pp. 109–114 (2006)

    Google Scholar 

  6. The UCI KDD Archive, http://kdd.ics.uci.edu/databases/kddcup99/kddcup.names

  7. Stein, G., Chen, B., Wu, A.S., Hua, K.A.: Decision Tree Classifier f or Network Intrusion Detection With GA-based Feature Selection. In: Proceedings of the ACM Southeast Regional Conference, vol. 2, pp. 136–141 (2005)

    Google Scholar 

  8. Mukkamala, S., Sung, A.H.: Feature ranking and Selection for Intrusion Detection Using Support Vector Machines. In: Proceedings of the Conference on Information and Knowledge Engineering, pp. 503–509 (2002)

    Google Scholar 

  9. DARPA 1999 Intrusion Detection Evaluation, http://www.ll.mit.edu/IST/ideval/data/data_index.html

  10. Holland, J.H.: Adaptation in Natural and Artificial Systems: An Introductory Analysis with Applications to Biology, Control, and Artificial Intelligence. MIT Press, Cambridge (1992)

    Google Scholar 

  11. IP Traffic, http://www.omnicor.com/netest.htm

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Information Engineering, Ming Chuan University, Taoyuan Campus, Taiwan

    Ming-Yang Su, Kai-Chi Chang, Hua-Fu Wei & Chun-Yuen Lin

Authors
  1. Ming-Yang Su
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kai-Chi Chang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hua-Fu Wei
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chun-Yuen Lin
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. The Chinese University of Hong Kong, Hong Kong

    Christopher C. Yang

  2. The University of Arizona, USA

    Hsinchun Chen

  3. The University of Hong Kong, Hong Kong

    Michael Chau

  4. Nanyang Technological University, Singapore

    Kuiyu Chang

  5. University of Central Florida, USA

    Sheau-Dong Lang

  6. Tatung University, Taiwan

    Patrick S. Chen

  7. California University of Pennsylvania, USA

    Raymond Hsieh

  8. University of Arizona and Chinese Academy of Sciences, USA

    Daniel Zeng

  9. Chinese Academy of Sciences, China

    Fei-Yue Wang  & Wenji Mao  & 

  10. Carnegie Mellon University, USA

    Kathleen Carley  & Justin Zhan  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Su, MY., Chang, KC., Wei, HF., Lin, CY. (2008). Feature Weighting and Selection for a Real-Time Network Intrusion Detection System Based on GA with KNN. In: Yang, C.C., et al. Intelligence and Security Informatics. ISI 2008. Lecture Notes in Computer Science, vol 5075. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69304-8_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-69304-8_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-69136-5

  • Online ISBN: 978-3-540-69304-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation