Attribute Selection and Ensemble Classifier based Novel Approach to Intrusion Detection System

Purpose – The purpose of this paper is to mitigate vulnerabilities in web applications, security detection and prevention are the most important mechanisms for security. However, most existing research focuses on how to prevent an attack at the web application layer, with less work dedicated to setting up a response action if a possible attack happened. Design/methodology/approach – A combination of a Signature-based Intrusion Detection System (SIDS) and an Anomaly-based Intrusion Detection System (AIDS), namely, the Intelligent Intrusion Detection and Prevention System (IIDPS). Findings – After evaluating the new system, a better result was generated in line with detection efficiency and the false alarm rate. This demonstrates the value of direct response action in an intrusion detection system. Research limitations/implications – Data limitation. Originality/value – The contributions of this paper are to first address the problem of web application vulnerabilities. Second, to propose a combination of an SIDS and an AIDS, namely, the IIDPS. Third, this paper presents a novel approach by connecting the IIDPS with a response action using fuzzy logic. Fourth, use the risk assessment to determine an appropriate response action against each attack event. Combining the system provides a better performance for the Intrusion Detection System, and makes the detection and prevention more effective.

Download Full-text

A Novel Intrusion Detection System for RPL Based IoT Networks with Bio-Inspired Feature Selection and Ensemble Classifier

10.21203/rs.3.rs-442429/v1 ◽

2021 ◽

Author(s):

Jayaprakash Pokala ◽

B. Lalitha

Keyword(s):

Feature Selection ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Ensemble Classifier ◽

Support Vector ◽

Routing Attacks ◽

Salp Swarm Algorithm ◽

Network Intrusion ◽

Swarm Algorithm

Abstract Internet of Things (IoT) is the powerful latest trend that allows communications and networking of many sources over the internet. Routing protocol for low power and lossy networks (RPL) based IoT networks may be exposed to many routing attacks due to resource-constrained and open nature of the IoT nodes. Hence, there is a need for network intrusion detection system (NIDS) to protect RPL based IoT networks from routing attacks. The existing techniques for anomaly-based NIDS (ANIDS) subjects to high false alarm rate (FAR). Therefore, a novel bio-inspired voting ensemble classifier with feature selection technique is proposed in this paper to improve the performance of ANIDS for RPL based IoT networks. The proposed voting ensemble classifier combines the results of various base classifiers such as logistic Regression, support vector machine, decision tree, bidirectional long short-term memory and K-nearest neighbor to detect the attacks accurately based on majority voting rule. The optimized weights of base classifiers are obtained by using the feature selection method called simulated annealing based improved salp swarm algorithm (SA-ISSA), which is the hybridization of particle swarm optimization, opposition based learning and salp swarm algorithm. The experiments are performed with RPL-NIDDS17 dataset that contains seven types of attack instances. The performance of the proposed model is evaluated and compared with existing feature selection and classification techniques in terms of accuracy, attack detection rate (ADR), FAR and so on. The proposed ensemble classifier shows better performance with higher accuracy (96.4%), ADR (97.7%) and reduced FAR (3.6%).

Download Full-text