Journal Article

A decision tree-based rule formation with combined PSO-GA algorithm for intrusion detection system

01 Jan 2016-International Journal of Internet Technology and Secured Transactions (Inderscience Publishers (IEL))-Vol. 6, Iss: 3, pp 186-202
TL;DR: A combined particle swarm optimisation with genetic algorithm (CPSO-GA) approach is proposed to improve intrusion detection accuracy; it achieves a higher intrusion detection rate and lower error percentage than the existing feature selection algorithms and decision tree classifiers.
Abstract: Intrusion detection is the method of analysing and monitoring the actions in the internet to recognise the ciphers of security issues. Nowadays, the existing intrusion detection algorithms concentrate on the issues of feature selection, because some of the features are redundant and irrelevant, which yields lengthy detection procedures. This paper proposes a combined particle swarm optimisation with genetic algorithm (CPSO-GA) approach to improve the intrusion detection accuracy. Initially, the dataset is loaded and pre-processed to remove the noisy and redundant information. Then, the necessary features are selected based on the proposed CPSO-GA. The decision rules are formulated for the selected features to improve the attacker prediction. If any new type of attacker is established, the dynamic features are analysed, because the static features are not altered for any instances. The proposed approach achieves a higher intrusion detection rate and lower error percentage than the existing feature selection algorithms and decision tree classifiers.
Citations
Book Chapter
16 Aug 2019
TL;DR: A first ever in depth analysis on the applications, enhancements as well as usage levels of PSO in intrusion detection problems made to inspire the researchers to enhance and innovate novel solutions for complex security problems of intrusion detection using PSO.
Abstract: Many nature inspired optimization algorithms have been developed since from the past decades and become popular due to its efficacy for solving various difficult problems of different areas of research. Particle swarm optimization algorithm (PSO) is famous, yet efficient nature inspired swarm intelligence based metaheuristic algorithm. Since from its initiation, PSO has become popular among the researchers due to its capability and became interest topic for the researchers as well as practitioners for solving the problems of several domains of research such as robotics, cloud computing, cyber security as well as other security domains. However more than a decade, there has been an excellent track record of PSO in solving intrusion detection problems. Profuse difficulties have been solved with the help of PSO and its variants. Taking these facts into consideration, in this paper, we made a first ever in depth analysis on the applications, enhancements as well as usage levels of PSO in intrusion detection problems. The motive behind this research work is to inspire the researchers to enhance and innovate novel solutions for complex security problems of intrusion detection using PSO.

5 citations

Journal Article
TL;DR: An Adaptive Risk Prediction and Anonymous Secured Communication protocol to predict the risk before processing anonymous communication and the proposed protocol estimates the risk against adjacent nodes and estimates the vulnerability paths using hidden markov model and decision tree.
Abstract: Location-based services (LBS) and information security is a major concern in communication system. With the increasing popularity of location based services more attention is paid to preserve location information to protect the data. In order to protect and preserve the MANET and location based services, there are various existing location based anonymity protocols such as k-anonymity location based, but these protocols are more overhead due to the dynamic mobility nature of ad-hoc networks. In this paper we proposed an Adaptive Risk Prediction and Anonymous Secured Communication protocol to predict the risk before processing anonymous communication. The proposed protocol estimates the risk against adjacent nodes and estimates the vulnerability paths using hidden Markov model and decision tree. The decision tree determines the evidence to identify the trusted paths. The anonymous communication message authentication scheme assigns the anonymous communication and organizes the secured authentication scheme. We simulated the network by considering different attacks to determine the efficiency of Adaptive Risk Prediction and Anonymous Secured Communication using NS2 simulator.

4 citations


Additional excerpts

  • ...[27], proposed a decision tree based rule formation with a combination of PSO-GA algorithm for intrusion detection system....

    [...]

Book Chapter
01 Jan 2022
TL;DR: In this paper, the authors applied the topic modeling approach in the study by using the LDA (latent Dirichlet allocation) and calculating the maximum and minimum probability of the words which appear in the large collection of text.
Abstract: With more uses of internet-based services, the risk of cyberattacks is growing continuously. To analyze these research trends for malware and intrusion detection, the authors applied the topic modeling approach in the study by using the LDA (latent Dirichlet allocation) and calculating the maximum and minimum probability of the words which appear in the large collection of text. The LDA technique is useful in finding the hidden topics for further research in the areas of network and cybersecurity. In this chapter, they collected the abstracts of two thousand papers from the Scopus library from 2014 to 2021. These collected papers are from reputed publications such as Elsevier, Springer, and IEEE Transactions. The main aim of this study is to find research trends based on keywords that are untouched or on which less research work has been done. To the best of the authors' knowledge, this will be the first study done by using the LDA technique for topic modeling in the areas of network security to demonstrate the research gap and trends for malware and intrusion detection systems.
References
Journal Article
Hervé Debar1, Marc Dacier1, Andreas Wespi1
TL;DR: A taxonomy of intrusion-detection systems is introduced that highlights the various aspects of this area and is illustrated by numerous examples from past and current projects.

882 citations

Journal Article
01 Jan 2016
TL;DR: A novel ensemble construction method that uses PSO generated weights to create ensemble of classifiers with better accuracy for intrusion detection and results suggest that the new approach can generate ensembles that outperform WMA in terms of classification accuracy.
Abstract: Graphical abstract: The objective of this paper is to develop ensemble based classifiers that will improve the accuracy of Intrusion Detection. For this purpose, we trained and tested 12 experts and then combined them into an ensemble. We used the PSO algorithm to weight the opinion of each expert. Because the quality of the behavioral parameters inserted by the user into PSO strongly affects its effectiveness, we have used the LUS method as a meta-optimizer for finding high-quality parameters. We then used the improved PSO to create new weights for each expert. For comparison, we also developed an ensemble classifier with weights generated using WMA 12. Fig. 1 depicts the entire process. For simplicity, the system framework was divided into the following seven stages:

  1. Kdd99 data pre-processing.
  2. Data classification with six different SVM experts.
  3. Data classification with six different k-NN experts.
  4. Data classification with ensemble classifier based on PSO.
  5. Data classification with ensemble classifier based on LUS improvement of PSO.
  6. Data classification with ensemble classifier based on WMA.
  7. Comparison of results for each approach.

Highlights:

  • IDS implemented using ensemble of a six SVM and a six k-NN classifier.
  • Ensembles are created with weight generated by PSO and meta-PSO algorithms.
  • These two ensembles outperform third ensemble system that is created with WMA.

In machine learning, a combination of classifiers, known as an ensemble classifier, often outperforms individual ones. While many ensemble approaches exist, it remains, however, a difficult task to find a suitable ensemble configuration for a particular dataset. This paper proposes a novel ensemble construction method that uses PSO generated weights to create ensemble of classifiers with better accuracy for intrusion detection. Local unimodal sampling (LUS) method is used as a meta-optimizer to find better behavioral parameters for PSO. For our empirical study, we took five random subsets from the well-known KDD99 dataset. Ensemble classifiers are created using the new approaches as well as the weighted majority algorithm (WMA) approach. Our experimental results suggest that the new approach can generate ensembles that outperform WMA in terms of classification accuracy.

360 citations

Journal Article
TL;DR: A new feature-selection approach based on the cuttlefish optimization algorithm which is used for intrusion detection systems (IDSs) gives a higher detection rate and accuracy rate with a lower false alarm rate, when compared with the obtained results using all features.
Abstract: A modified version of the cuttlefish algorithm is discussed. The proposed model can be used as a novel feature-selection model. Cuttlefish algorithm is used as a search strategy to find optimal subset of features. Decision tree is used to evaluate the quality of the selected features. Data pre-processing for feature selection is also examined in the paper.

This paper presents a new feature-selection approach based on the cuttlefish optimization algorithm which is used for intrusion detection systems (IDSs). Because IDSs deal with a large amount of data, one of the crucial tasks of IDSs is to keep the best quality of features that represent the whole data and remove the redundant and irrelevant features. The proposed model uses the cuttlefish algorithm (CFA) as a search strategy to ascertain the optimal subset of features and the decision tree (DT) classifier as a judgement on the selected features that are produced by the CFA. The KDD Cup 99 dataset is used to evaluate the proposed model. The results show that the feature subset obtained by using CFA gives a higher detection rate and accuracy rate with a lower false alarm rate, when compared with the obtained results using all features.

296 citations

Journal Article
TL;DR: The lightweight IDS has been developed by using a wrapper based feature selection algorithm that maximizes the specificity and sensitivity of the IDS as well as by employing a neural ensemble decision tree iterative procedure to evolve optimal features.
Abstract: The objective of this paper is to construct a lightweight Intrusion Detection System (IDS) aimed at detecting anomalies in networks. The crucial part of building lightweight IDS depends on preprocessing of network data, identifying important features and in the design of efficient learning algorithm that classify normal and anomalous patterns. Therefore in this work, the design of IDS is investigated from these three perspectives. The goals of this paper are (i) removing redundant instances that cause the learning algorithm to be unbiased, (ii) identifying suitable subset of features by employing a wrapper based feature selection algorithm, and (iii) realizing proposed IDS with neurotree to achieve better detection accuracy. The lightweight IDS has been developed by using a wrapper based feature selection algorithm that maximizes the specificity and sensitivity of the IDS as well as by employing a neural ensemble decision tree iterative procedure to evolve optimal features. An extensive experimental evaluation of the proposed approach with a family of six decision tree classifiers, namely Decision Stump, C4.5, Naive Bayes Tree, Random Forest, Random Tree and Representative Tree model, to perform the detection of anomalous network pattern has been introduced.

277 citations

Journal Article
TL;DR: An Intrusion Detection System (IDS) by applying genetic algorithm (GA) to efficiently detect various types of network intrusions is presented in this paper, which uses evolution theory to information evolution in order to filter the traffic data and thus reduce the complexity.
Abstract: Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations. But secured data communication over internet and any other network is always under threat of intrusions and misuses. So Intrusion Detection Systems have become a needful component in terms of computer and network security. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not completely flawless. So, the quest of betterment continues. In this progression, here we present an Intrusion Detection System (IDS), by applying genetic algorithm (GA) to efficiently detect various types of network intrusions. Parameters and evolution processes for GA are discussed in detail and implemented. This approach uses evolution theory to information evolution in order to filter the traffic data and thus reduce the complexity. To implement and measure the performance of our system we used the KDD99 benchmark dataset and obtained reasonable detection rate.

246 citations