Performance evaluation of intrusion detection system using selected features and machine learning classifiers
Some of the main challenges in developing an effective network-based intrusion detection system (IDS) include analyzing large network traffic volumes and realizing the decision boundaries between normal and abnormal behaviors. Deploying feature selection together with efficient classifiers in the de...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Published: |
College of Science for Women, University of Baghdad
2021
|
| _version_ | 1825937483312922624 |
|---|---|
| author | Raja Mahmood, Raja Azlina Abdi, AmirHossien Hussin, Masnida |
| author_facet | Raja Mahmood, Raja Azlina Abdi, AmirHossien Hussin, Masnida |
| author_sort | Raja Mahmood, Raja Azlina |
| collection | UPM |
| description | Some of the main challenges in developing an effective network-based intrusion detection system (IDS) include analyzing large network traffic volumes and realizing the decision boundaries between normal and abnormal behaviors. Deploying feature selection together with efficient classifiers in the detection system can overcome these problems. Feature selection finds the most relevant features, thus reduces the dimensionality and complexity to analyze the network traffic. Moreover, using the most relevant features to build the predictive model, reduces the complexity of the developed model, thus reducing the building classifier model time and consequently improves the detection performance. In this study, two different sets of selected features have been adopted to train four machine-learning based classifiers. The two sets of selected features are based on Genetic Algorithm (GA) and Particle Swarm Optimization (PSO) approach respectively. These evolutionary-based algorithms are known to be effective in solving optimization problems. The classifiers used in this study are Naïve Bayes, k-Nearest Neighbor, Decision Tree and Support Vector Machine that have been trained and tested using the NSL-KDD dataset. The performance of the abovementioned classifiers using different features values was evaluated. The experimental results indicate that the detection accuracy improves by approximately 1.55% when implemented using the PSO-based selected features than that of using GA-based selected features. The Decision Tree classifier that was trained with PSO-based selected features outperformed other classifiers with accuracy, precision, recall, and f-score result of 99.38%, 99.36%, 99.32%, and 99.34% respectively. The results show that using optimal features coupling with a good classifier in a detection system able to reduce the classifier model building time, reduce the computational burden to analyze data, and consequently attain high detection rate. |
| first_indexed | 2024-03-06T11:00:11Z |
| format | Article |
| id | upm.eprints-94543 |
| institution | Universiti Putra Malaysia |
| last_indexed | 2024-03-06T11:00:11Z |
| publishDate | 2021 |
| publisher | College of Science for Women, University of Baghdad |
| record_format | dspace |
| spelling | upm.eprints-945432022-12-02T08:13:42Z http://psasir.upm.edu.my/id/eprint/94543/ Performance evaluation of intrusion detection system using selected features and machine learning classifiers Raja Mahmood, Raja Azlina Abdi, AmirHossien Hussin, Masnida Some of the main challenges in developing an effective network-based intrusion detection system (IDS) include analyzing large network traffic volumes and realizing the decision boundaries between normal and abnormal behaviors. Deploying feature selection together with efficient classifiers in the detection system can overcome these problems. Feature selection finds the most relevant features, thus reduces the dimensionality and complexity to analyze the network traffic. Moreover, using the most relevant features to build the predictive model, reduces the complexity of the developed model, thus reducing the building classifier model time and consequently improves the detection performance. In this study, two different sets of selected features have been adopted to train four machine-learning based classifiers. The two sets of selected features are based on Genetic Algorithm (GA) and Particle Swarm Optimization (PSO) approach respectively. These evolutionary-based algorithms are known to be effective in solving optimization problems. The classifiers used in this study are Naïve Bayes, k-Nearest Neighbor, Decision Tree and Support Vector Machine that have been trained and tested using the NSL-KDD dataset. The performance of the abovementioned classifiers using different features values was evaluated. The experimental results indicate that the detection accuracy improves by approximately 1.55% when implemented using the PSO-based selected features than that of using GA-based selected features. The Decision Tree classifier that was trained with PSO-based selected features outperformed other classifiers with accuracy, precision, recall, and f-score result of 99.38%, 99.36%, 99.32%, and 99.34% respectively. The results show that using optimal features coupling with a good classifier in a detection system able to reduce the classifier model building time, reduce the computational burden to analyze data, and consequently attain high detection rate. College of Science for Women, University of Baghdad 2021-06 Article PeerReviewed Raja Mahmood, Raja Azlina and Abdi, AmirHossien and Hussin, Masnida (2021) Performance evaluation of intrusion detection system using selected features and machine learning classifiers. Baghdad Science Journal, 18 (suppl.2). 884 - 898. ISSN 2078-8665; ESSN: 2411-7986 https://bsj.uobaghdad.edu.iq/index.php/BSJ/article/view/6210 10.21123/bsj.2021.18.2(Suppl.).0884 |
| spellingShingle | Raja Mahmood, Raja Azlina Abdi, AmirHossien Hussin, Masnida Performance evaluation of intrusion detection system using selected features and machine learning classifiers |
| title | Performance evaluation of intrusion detection system using selected features and machine learning classifiers |
| title_full | Performance evaluation of intrusion detection system using selected features and machine learning classifiers |
| title_fullStr | Performance evaluation of intrusion detection system using selected features and machine learning classifiers |
| title_full_unstemmed | Performance evaluation of intrusion detection system using selected features and machine learning classifiers |
| title_short | Performance evaluation of intrusion detection system using selected features and machine learning classifiers |
| title_sort | performance evaluation of intrusion detection system using selected features and machine learning classifiers |
| work_keys_str_mv | AT rajamahmoodrajaazlina performanceevaluationofintrusiondetectionsystemusingselectedfeaturesandmachinelearningclassifiers AT abdiamirhossien performanceevaluationofintrusiondetectionsystemusingselectedfeaturesandmachinelearningclassifiers AT hussinmasnida performanceevaluationofintrusiondetectionsystemusingselectedfeaturesandmachinelearningclassifiers |