A Survey of Feature Selection Techniques in Intrusion Detection System: A Soft Computing Perspective

  • P. Ravi Kiran Varma
  • V. Valli Kumari
  • S. Srinivas Kumar
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 710)


In the process of detecting different kinds of attacks in anomaly-based intrusion detection system (IDS), both normal and attack data are profiled with the help of selected attributes. Various types of attributes are collected to create the attack and normal traffic patterns. Some of the attributes are derived from protocol header fields, and some of them represent continuous information profiled over a period. “Curse of Dimensionality” is one of the major issues in IDS. The computational complexity of the model generation and classification time of IDS is directly proportional to the number of attributes of the profile. In a typical IDS preprocessing stage, more significant features among the available features are selected. This paper presents a brief taxonomy of several feature selection methods with emphasis on soft computing techniques, viz., rough sets, fuzzy rough sets, and ant colony optimization.


Intrusion detection system IDS Feature selection Soft computing Survey 


  1. 1.
    P Ravi Kiran Varma, V Valli Kumari and S Srinivas Kumar, “Packet Filter Firewall Rule Anomalies and Mitigation Techniques: A Technical Review,” CiiT International Journal of Networking and Communication Engineering, vol. 9, no. 4, pp. 101–108, 2017.Google Scholar
  2. 2.
    Ravi Kiran Varma P, Valli Kumari V and Srinivas Kumar S, “Ant colony optimization-based firewall anomaly mitigation engine,” Springerplus, vol. 5, no. 1, pp. 1–32, 2016.Google Scholar
  3. 3.
    J. P. Anderson, “Computer Security Threat Monitoring and Surveillance,” NIST, USA, Fort Washington, PA, 1980.Google Scholar
  4. 4.
    E. D. Dorothy, “An Intrusion-Detection Model,” IEEE Transactions on software engineering, vol. 13, no. 2, pp. 222–232, 1987.Google Scholar
  5. 5.
    F. T. Lunt, “A survey of intrusion detection techniques,” Computers and Security, vol. 12, pp. 405–418, 1993.CrossRefGoogle Scholar
  6. 6.
    M. John, C. Alan and A. Julia, “Defending Yourself: The role of Intrusion Detection Systems,” IEEE Software, vol. 17, no. 5, pp. 42–51, 2000.CrossRefGoogle Scholar
  7. 7.
    G K J Andreas, N G Wilfried, A D Michael and F E Gerhard, “On the Relationship between feature selection and classification accuracy,” JMLR Workshop and Conference Proceedings, vol. 4, pp. 90–105, 2008.Google Scholar
  8. 8.
    Z. Pawlak, “Rough Set Theory and its Applications,” Journal of Telecommunications and Information Technology, vol. 3, no. 2, pp. 7–10, 2002.Google Scholar
  9. 9.
    Z. Pawlak, “Rough Sets,” International Journal of Computer and Information Sciences, vol. 11, no. 5, pp. 341–356, 1982.MathSciNetCrossRefGoogle Scholar
  10. 10.
    S. Rissino and G. Lambert-Torres, “Rough Set Theory – Fundamental Concepts, Principals, Data Extraction, and Applications,” in Data Mining and Knowledge Discovery in Real Life Applications, Julio Ponce and Adem Karahoca (Ed.), InTech, 2009.Google Scholar
  11. 11.
    J. G. Bazan, H. S. Nguyen, S. N. Hoa, S. Piotr and W. Jakub, “Rough Set Algorithms in Classification Problem,” in Rough Set Methods and Applications, Physica-Verlag, 2000, pp. 49–88.CrossRefGoogle Scholar
  12. 12.
    A. Chouchoulas and Q. Shen, “Rough Set-Aided Keyword Reduction for Text Categorisation,” Center for Intelligent Systems and their Applications, The University of Edingurgh, Edinburgh, UK, 2001.CrossRefGoogle Scholar
  13. 13.
    A. Skowron and C. Rauszer, “The discernibility matrices and functions in information systems,” in Intelligent Decision Support, Dordrecht, Kluwer Academic Publishers, 1992, pp. 331–362.CrossRefGoogle Scholar
  14. 14.
    R Jensen and Q Shen, “A Rough Set Aided System for Sorting WWW Bookmarks,” Web Intelligence: Research and Development, pp. 95–105, 2001.Google Scholar
  15. 15.
    R. W. Swiniarski and A. Skowron, “Rough set methods in feature selection and recognition,” Pattern Recognition Letters, pp. 833–849, 2003.CrossRefGoogle Scholar
  16. 16.
    I. Duntsch and G Gediga, “Rough Set Data Analysis,” Encyclopedia of Computer Science and Technology, vol. 43, no. 28, pp. 281–301, 2000.zbMATHGoogle Scholar
  17. 17.
    K. Thangavel and A. Pethalakshmi, “Dimensionality Reduction Based on Rough Set Theory: A Review,” Applied Soft Computing, pp. 1–12, 2009.CrossRefGoogle Scholar
  18. 18.
    “KDD Cup 1999 Data,” 28 Oct 1999. [Online]. Available: [Accessed 25 May 2015].
  19. 19.
    S. Ganapathy, K. Kulothungan, S. Muthurajkumar and M. Vijayalakshmi, “Intelligent feature selection and classification techniques for intrusion detection in networks: a survey,” EURASIP Journal on Wireless Communications and Networking, vol. 2013, no. 271, pp. 1–16, 2013.Google Scholar
  20. 20.
    T. P. Fries, “A Fuzzy-Genetic Approach to Network Intrusion Detection,” in Proceedings of the ACM GECCO’08, Atlanta, 2008.Google Scholar
  21. 21.
    Y. Li, B. Fang, G. Li and Y. Chen, “Network Anomaly Detection Based on TCM-KNN Algorithm,” in Proceedings of the ACM ASIA CCS’07, Singapore, 2007.Google Scholar
  22. 22.
    A. H. Sung and S. Mukkamala, “The Feature Selection and Intrusion Detection Problems,” in Advances in Computer Science -ASIAN 2004, LNCS Series, Springer Berlin Heidelberg, 2004, pp. 468–482.CrossRefGoogle Scholar
  23. 23.
    K. I. Rufai, R. C. Muniyandi and Z. A. Othman, “Improving Bee Algorithm Based Feature Selection in Intrusion Detection System Using Membrane Computing,” Journal of Networks, vol. 9, no. 3, pp. 523–529, 2014.CrossRefGoogle Scholar
  24. 24.
    V. Barot, S. S. Chauhan and B. Patel, “Feature Selection for Modeling Intrusion Detection,” I.J. Computer Network and Information Security, vol. 2014, no. 7, pp. 56–62, 2014.Google Scholar
  25. 25.
    I. Ahmed, “Feature Selection Using Particle Swarm Optimization in Intrusion Detection,” International Journal of Distributed Sensor Networks, vol. 2015, pp. 1–8, 2015.CrossRefGoogle Scholar
  26. 26.
    Ravi Kiran Varma P and Valli Kumari V, “Feature Optimization and Performance Improvement of a Multiclass Intrusion Detection System Using PCA and ANN,” International Journal of Computer Applications, vol. 44, no. 13, pp. 4–9, 2012.CrossRefGoogle Scholar
  27. 27.
    J. A. N. Feng, S. B. Yuefei and Z. A. Lin, “A relative decision entropy-based feature selection approach,” Pattern Recognition, vol. 48, no. 2015, pp. 2151–2163, 2015.zbMATHGoogle Scholar
  28. 28.
    Emiro de la Hoz, Eduardo de la Hoz, Andres Ortiz, Julio Ortega and Atonio Martenez-Alvarez, “Feature selection by multi-objective optimisation: Application to network anomaly detection by hierarchical self-organizing maps,” Knowledge-Based Systems, vol. 71, no. 2014, pp. 322–338, 2014.CrossRefGoogle Scholar
  29. 29.
    Ifthikar Ahmed, Azween Abdullah, Abdullah Alghamdi and Muhammad Hussain, “Optimized intrusion detection mechanism using soft computing techniques,” Telecommunication Systems, vol. 52, no. 4, pp. 2187–2195, 2013.CrossRefGoogle Scholar
  30. 30.
    A. Adel Sabry Eesa, B. Zeynep Orman and C. Adnan Mohsin Abdulazeez Brifcani, “A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems,” Expert Systems with Applications, vol. 42, no. 2015, pp. 2670–2679, 2015.CrossRefGoogle Scholar
  31. 31.
    Y. Y. Chunga and N. Wahidb, “A hybrid network intrusion detection system using simplified swarm optimization (SSO),” Applied Soft Computing, vol. 12, no. 2012, pp. 3014–3022, 2012.CrossRefGoogle Scholar
  32. 32.
    W. Xingzhu, “ACO and SVM Selection Feature Weighting of Network Intrusion Detection Method,” International Journal of Security and its Applications, vol. 9, no. 4, pp. 129–270, 2015.CrossRefGoogle Scholar
  33. 33.
    S. Muthurajkumar, K. Kulothungan, M. Vijayalakshmi, N. Jaisankar and A. Kannan, “A Rough Set based Feature Selection Algorithm for Effective Intrusion Detection in Cloud Model,” in Elsevier Science and Technology, Elsevier, 2013, pp. 8–13.Google Scholar
  34. 34.
    W. Chimphlee, A. H. Abdullah, M. N. M. Sap, S. Chimphlee and S. Srinoy, “A Rough-Fuzzy Hybrid Algorithm for Computer Intrusion Detection,” The International Arab Journal of Information Technology, vol. 4, no. 3, pp. 247–254, 2007.Google Scholar
  35. 35.
    Rung-Ching, C. Kai-Fan and H. Chai-Fen, “Using Rough Set and Support Vector Machine for network intrusion detection,” International Journal of Network Security & its Applications, vol. 1, no. 1, pp. 1–13, 2009.Google Scholar
  36. 36.
    C.-J. Liu, “The Application of Rough Sets on Network Intrusion Detection,” in Proceedings of the Sixth International Conference on Machine Learning and Cybernetics, Hong Kong, 2007.Google Scholar
  37. 37.
    C. Gu and X. Zhang, “A Rough Set and SVM Based Intrusion Detection Classifier,” in IEEE Second International Workshop on Computer Science and Engineering, Qingdao, 2009.Google Scholar
  38. 38.
    L.-z. Lin, Z.-g. Liu and X.-h. Duan, “Network Intrusion Detection by a Hybrid Method of Rough Set and RBF Neural Network,” in IEEE Proceddings of the 2nd International Conference on Education Technology and Computer, Shangai, 2010.Google Scholar
  39. 39.
    Z. Anazida, M. Mohd Aizani and S. Siti Marijam, “Features Selection Using Rough-DPSO in Anomaly Intrusion Detecttion,” in Springer LNCS: Computational Science and Its Applications-ICCSA, Kuala Lumpur, Malaysia, 2007.Google Scholar
  40. 40.
    N. Sengupta and J. Sen, “Designing of online intrusion detection system using rough set theory and Q-learning algorithm,” Neurocomputing, vol. 111, pp. 161–168, 2013.CrossRefGoogle Scholar
  41. 41.
    Ravi Kiran Varma P, Valli Kumari V and Srinivas Kumar S, “A Novel Rough Set Attribute Reduction based on Rough Sets and Ant Colony Optimization,” International Journal Intelligent Systems Technologies and Applications, vol. 14, no. 3/4, pp. 330–353, 2015.Google Scholar
  42. 42.
    P. R. K. Varma, V. V. Kumari and S. S. Kumar, “Application of Rough Sets and Ant Colony Optimization in feature selection for Network Intrusion Detection,” International Journal of Applied Engineering Research, vol. 10, no. 22, pp. 43156–43163, 2015.Google Scholar
  43. 43.
    Ravi Kiran Varma P, Valli Kumari V and Srinivas Kumar S, “Feature selection using relative fuzzy entropy and ant colony optimization applied to real-time intrusion detection system,” Procedia Computer Science, vol. 85, no. 2016, pp. 503–510, 2016.CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  • P. Ravi Kiran Varma
    • 1
  • V. Valli Kumari
    • 2
  • S. Srinivas Kumar
    • 3
  1. 1.MVGR College of EngineeringVizianagaramIndia
  2. 2.Andhra University College of EngineeringVisakhapatnamIndia
  3. 3.University College of Engineering KakinadaJNT UniversityKakinadaIndia

Personalised recommendations