Rough Set-hypergraph-based Feature Selection Approach for Intrusion Detection Systems

2016 ◽  
Vol 66 (6) ◽  
pp. 612 ◽  
Author(s):  
M.R. Gauthama Raman ◽  
K. Kannan ◽  
S.K. Pal ◽  
V. S. Shankar Sriram
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Rough Set ◽  
Network Architecture ◽  
Cyber Attacks ◽  
Intrusion Detection Systems ◽  
Selection Algorithm ◽  
Feature Selection Algorithm ◽  
Detection Systems ◽  
Helly Property

Immense growth in network-based services had resulted in the upsurge of internet users, security threats and cyber-attacks. Intrusion detection systems (IDSs) have become an essential component of any network architecture, in order to secure an IT infrastructure from the malicious activities of the intruders. An efficient IDS should be able to detect, identify and track the malicious attempts made by the intruders. With many IDSs available in the literature, the most common challenge due to voluminous network traffic patterns is the curse of dimensionality. This scenario emphasizes the importance of feature selection algorithm, which can identify the relevant features and ignore the rest without any information loss. In this paper, a novel rough set κ-Helly property technique (RSKHT) feature selection algorithm had been proposed to identify the key features for network IDSs. Experiments carried using benchmark KDD cup 1999 dataset were found to be promising, when compared with the existing feature selection algorithms with respect to reduct size, classifier’s performance and time complexity. RSKHT was found to be computationally attractive and flexible for massive datasets.

Intelligent temporal classification and fuzzy rough set-based feature selection algorithm for intrusion detection system in WSNs

2019 ◽  
Vol 497 ◽  
pp. 77-90 ◽  
Author(s):  
K Selvakumar ◽  
Marimuthu Karuppiah ◽  
L SaiRamesh ◽  
SK Hafizul Islam ◽  
Mohammad Mehedi Hassan ◽  
...  
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Rough Set ◽  
Intrusion Detection System ◽  
Detection System ◽  
Selection Algorithm ◽  
Feature Selection Algorithm ◽  
Fuzzy Rough Set

An Effective Genetic Algorithm-Based Feature Selection Method for Intrusion Detection Systems

2021 ◽  
pp. 102448
Author(s):  
Zahid Halim ◽  
Muhammad Nadeem Yousaf ◽  
Muhammad Waqas ◽  
Muhammad Suleman ◽  
Ghulam Abbas ◽  
...  
Keyword(s):  
Genetic Algorithm ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Feature Selection Method ◽  
Selection Method ◽  
Intrusion Detection Systems ◽  
Detection Systems

scholarly journals A feature selection algorithm combining information gain and multi-objective genetic search for intrusion detection system

2021 ◽  
Vol 336 ◽  
pp. 08008
Author(s):  
Tao Xie
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection Rate ◽  
Information Gain ◽  
Detection System ◽  
Selection Algorithm ◽  
Feature Selection Algorithm ◽  
Genetic Search ◽  
Multi Objective

In order to improve the detection rate and speed of intrusion detection system, this paper proposes a feature selection algorithm. The algorithm uses information gain to rank the features in descending order, and then uses a multi-objective genetic algorithm to gradually search the ranking features to find the optimal feature combination. We classified the Kddcup98 dataset into five classes, DOS, PROBE, R2L, and U2R, and conducted numerous experiments on each class. Experimental results show that for each class of attack, the proposed algorithm can not only speed up the feature selection, but also significantly improve the detection rate of the algorithm.

Feature Extraction Methods for Intrusion Detection Systems

2013 ◽  
pp. 1064-1092
Author(s):  
Hai Thanh Nguyen ◽  
Katrin Franke ◽  
Slobodan Petrovic
Keyword(s):  
Feature Extraction ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Domain Knowledge ◽  
Intrusion Detection Systems ◽  
Feature Construction ◽  
Selection Methods ◽  
Detection Systems ◽  
Negative Effect ◽  
Managing Risk

Intrusion Detection Systems (IDSs) have become an important security tool for managing risk and an indispensable part of overall security architecture. An IDS is considered as a pattern recognition system, in which feature extraction is an important pre-processing step. The feature extraction process consists of feature construction and feature selection . The quality of the feature construction and feature selection algorithms is one of the most important factors that affects the effectiveness of an IDS. Achieving reduction of the number of relevant traffic features without negative effect on classification accuracy is a goal that largely improves the overall effectiveness of the IDS. Most of the feature construction as well as feature selection works in intrusion detection practice is still carried through manually by utilizing domain knowledge. For automatic feature construction and feature selection, the filter, wrapper, and embedded methods from machine learning are frequently applied. This chapter provides an overview of various existing feature construction and feature selection methods for intrusion detection systems. A comparison between those feature selection methods is performed in the experimental part.

Intrusion Detection of Cyber-Physical Attacks in Manufacturing Systems: A Review

2019 ◽  
Author(s):  
Mingtao Wu ◽  
Young B. Moon
Keyword(s):  
Intrusion Detection ◽  
Manufacturing Systems ◽  
High Volume ◽  
Cyber Attacks ◽  
Intrusion Detection Systems ◽  
Detection Methods ◽  
False Alarms ◽  
Alert Correlation ◽  
Acoustic Image ◽  
Detection Systems

Abstract Cyber-physical manufacturing system is the vision of future manufacturing systems where physical components are fully integrated through various networks and the Internet. The integration enables the access to computation resources that can improve efficiency, sustainability and cost-effectiveness. However, its openness and connectivity also enlarge the attack surface for cyber-attacks and cyber-physical attacks. A critical challenge in defending those attacks is that current intrusion detection methods cannot timely detect cyber-physical attacks. Studies showed that the physical detection provides a higher accuracy and a shorter respond time compared to network-based or host-based intrusion detection systems. Moreover, alert correlation and management methods help reducing the number of alerts and identifying the root cause of the attack. In this paper, the intrusion detection research relevant to cyber-physical manufacturing security is reviewed. The physical detection methods — using side-channel data, including acoustic, image, acceleration, and power consumption data to disclose attacks during the manufacturing process — are analyzed. Finally, the alert correlation methods — that manage the high volume of alerts generated from intrusion detection systems via logical relationships to reduce the data redundancy and false alarms — are reviewed. The study show that the cyber-physical attacks are existing and rising concerns in industry. Also, the increasing efforts in cyber-physical intrusion detection and correlation research can be utilized to secure the future manufacturing systems.

scholarly journals Towards a Lightweight Detection System for Cyber Attacks in the IoT Environment Using Corresponding Features

Electronics ◽  
2020 ◽  
Vol 9 (1) ◽  
pp. 144 ◽  
Author(s):  
Yan Naung Soe ◽  
Yaokai Feng ◽  
Paulus Insap Santosa ◽  
Rudy Hartanto ◽  
Kouichi Sakurai
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Detection System ◽  
Detection Performance ◽  
Cyber Attacks ◽  
Raspberry Pi ◽  
Selection Algorithm ◽  
Feature Selection Algorithm ◽  
New Feature ◽  
Iot Devices

The application of a large number of Internet of Things (IoT) devices makes our life more convenient and industries more efficient. However, it also makes cyber-attacks much easier to occur because so many IoT devices are deployed and most of them do not have enough resources (i.e., computation and storage capacity) to carry out ordinary intrusion detection systems (IDSs). In this study, a lightweight machine learning-based IDS using a new feature selection algorithm is designed and implemented on Raspberry Pi, and its performance is verified using a public dataset collected from an IoT environment. To make the system lightweight, we propose a new algorithm for feature selection, called the correlated-set thresholding on gain-ratio (CST-GR) algorithm, to select really necessary features. Because the feature selection is conducted on three specific kinds of cyber-attacks, the number of selected features can be significantly reduced, which makes the classifiers very small and fast. Thus, our detection system is lightweight enough to be implemented and carried out in a Raspberry Pi system. More importantly, as the really necessary features corresponding to each kind of attack are exploited, good detection performance can be expected. The performance of our proposal is examined in detail with different machine learning algorithms, in order to learn which of them is the best option for our system. The experiment results indicate that the new feature selection algorithm can select only very few features for each kind of attack. Thus, the detection system is lightweight enough to be implemented in the Raspberry Pi environment with almost no sacrifice on detection performance.

Sign in / Sign up

Export Citation Format

Share Document