Feature Selection with IG-R for Improving Performance of Intrusion Detection System

As the popularity of the internet computer continued to grow and become an indispensable in human life, the security of computer network has become an important issue in computer security field. The Intrusion Detection System (IDS) is a system used in computer security for network security. The feature selection stage of IDS is considered to be the most critical stage in IDS. This stage is very costly both in efforts and time. However, many machine learning approaches have been presented to improve this stage in order to improve the performance of an IDS. However, these approaches did not give desirable results with respect to the detection accuracy in the IDS. A novel technique is proposed in this paper combining the Information Gain and Ranker (IG+R) method as the feature selection strategy with Naïve Bayes (NB), Support Vector Machine (SVM) and K-Nearest Neighbor (KNN) as the classifiers. The performance of these IG+R-NB, IG+R-SVM, and IG+R-KNN was evaluated on NSLKDD dataset. The experimental results of our proposed method gave high accuracy and low false alarm rate. The results obtained was compared and benchmarked with existing works. The results of this paper outperformed the existing approaches in terms of the detection accuracy

Feature Selection using the concept of Peafowl Mating in IDS

Cloud computing has high applicability as an Internet based service that relies on sharing computing resources. Cloud computing provides services that are Infrastructure based, Platform based and Software based. The popularity of this technology is due to its superb performance, high level of computing ability, low cost of services, scalability, availability and flexibility. The obtainability and openness of data in cloud environment make it vulnerable to the world of cyber-attacks. To detect the attacks Intrusion Detection System is used, that can identify the attacks and ensure information security. Such a coherent and proficient Intrusion Detection System is proposed in this paper to achieve higher certainty levels regarding safety in cloud environment. In this paper, the mating behavior of peafowl is incorporated into an optimization algorithm which in turn is used as a feature selection algorithm. The algorithm is used to reduce the huge size of cloud data so that the IDS can work efficiently on the cloud to detect intrusions. The proposed model has been experimented with NSL-KDD dataset as well as Kyoto dataset and have proved to be a better as well as an efficient IDS

Anomaly Detection in Sequential Data: A Deep Learning-Based Approach

Anomaly Detection has been researched in various domains with several applications in intrusion detection, fraud detection, system health management, and bio-informatics. Conventional anomaly detection methods analyze each data instance independently (univariate or multivariate) and ignore the sequential characteristics of the data. Anomalies in the data can be detected by grouping the individual data instances into sequential data and hence conventional way of analyzing independent data instances cannot detect anomalies. Currently: (1) Deep learning-based algorithms are widely used for anomaly detection purposes. However, significant computational overhead time is incurred during the training process due to static constant batch size and learning rate parameters for each epoch, (2) the threshold to decide whether an event is normal or malicious is often set as static. This can drastically increase the false alarm rate if the threshold is set low or decrease the True Alarm rate if it is set to a remarkably high value, (3) Real-life data is messy. It is impossible to learn the data features by training just one algorithm. Therefore, several one-class-based algorithms need to be trained. The final output is the ensemble of the output from all the algorithms. The prediction accuracy can be increased by giving a proper weight to each algorithm\u27s output. By extending the state-of-the-art techniques in learning-based algorithms, this dissertation provides the following solutions: (i) To address (1), we propose a hybrid, dynamic batch size and learning rate tuning algorithm that reduces the overall training time of the neural network. (ii) As a solution for (2), we present an adaptive thresholding algorithm that reduces high false alarm rates. (iii) To overcome (3), we propose a multilevel hybrid ensemble anomaly detection framework that increases the anomaly detection rate of the high dimensional dataset