Efficient Intrusion Detection Through the Fusion of AI Algorithms and Feature Selection Methods


Marwa Mohammad Obaid
Muna Hadi Saleh

Abstract

With the proliferation of both Internet access and data traffic, recent breaches have brought into sharp focus the need for Network Intrusion Detection Systems (NIDS) to protect networks from more complex cyberattacks. To differentiate between normal network processes and possible attacks, Intrusion Detection Systems (IDS) often employ pattern recognition and data mining techniques. An IDS can automatically detect and classify intrusions, attacks, and policy violations on networks and host systems. Using Python's Scikit-Learn, this study shows that Machine Learning (ML) techniques such as Decision Tree (DT), Naïve Bayes (NB), and K-Nearest Neighbor (KNN) can enhance the effectiveness of an IDS. Success is measured by a variety of metrics, including accuracy, precision, recall, F1-Score, and execution time. Applying feature selection approaches such as Analysis of Variance (ANOVA), Mutual Information (MI), and Chi-Square (Ch-2) reduced execution time, increased detection efficiency and accuracy, and boosted overall performance. All classifiers achieve their greatest performance, 99.99% accuracy with the shortest computation time of 0.0089 seconds, when using ANOVA with 10% of the features.
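The comparison the abstract describes (three filter-style feature selectors at 10% of features, each feeding DT, NB and KNN, scored on accuracy, precision, recall, F1 and execution time) can be laid out as the Scikit-Learn sketch below; it is an added example, not the authors' code. The data is a constructed synthetic stand-in for labelled flow records, and `make_flows`, `evaluate`, the 70/30 split and the default KNN settings are assumptions of this example.

```python
import time
from functools import partial
from sklearn.datasets import make_classification
from sklearn.feature_selection import SelectPercentile, chi2, f_classif, mutual_info_classif
from sklearn.metrics import accuracy_score, precision_recall_fscore_support
from sklearn.model_selection import train_test_split
from sklearn.naive_bayes import GaussianNB
from sklearn.neighbors import KNeighborsClassifier
from sklearn.pipeline import Pipeline
from sklearn.preprocessing import MinMaxScaler
from sklearn.tree import DecisionTreeClassifier

SELECTORS = {"ANOVA": f_classif, "Chi-2": chi2,
             "MI": partial(mutual_info_classif, random_state=0)}
CLASSIFIERS = {"DT": lambda: DecisionTreeClassifier(random_state=0),
               "NB": GaussianNB, "KNN": KNeighborsClassifier}

def make_flows(seed=0):
    # Constructed stand-in for labelled flow records (1 = attack); not a real capture.
    return make_classification(n_samples=1500, n_features=40, n_informative=6,
                               n_redundant=4, n_clusters_per_class=1, class_sep=2.0,
                               weights=[0.8, 0.2], random_state=seed)

def evaluate(percentile=10, seed=0):
    X, y = make_flows(seed)
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.3, stratify=y, random_state=seed)
    rows = []
    for sel_name, score_func in SELECTORS.items():
        for clf_name, make_clf in CLASSIFIERS.items():
            # Scaler and selector are fitted on the training split only (no test leakage).
            pipe = Pipeline([
                ("scale", MinMaxScaler()),  # chi2 needs non-negative inputs
                ("select", SelectPercentile(score_func, percentile=percentile)),
                ("clf", make_clf()),
            ])
            start = time.perf_counter()
            pred = pipe.fit(X_tr, y_tr).predict(X_te)
            seconds = time.perf_counter() - start
            prec, rec, f1, _ = precision_recall_fscore_support(
                y_te, pred, average="binary", zero_division=0)
            rows.append({"selector": sel_name, "clf": clf_name,
                         "kept": int(pipe["select"].get_support().sum()),
                         "accuracy": accuracy_score(y_te, pred), "precision": prec,
                         "recall": rec, "f1": f1, "seconds": seconds})
    return rows

if __name__ == "__main__":
    for row in evaluate():
        print(row)
```

Because the constructed data is imbalanced (about 20% attack records), precision, recall and F1 on the attack class are more informative than accuracy alone when reading the output.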


How to Cite

“Efficient Intrusion Detection Through the Fusion of AI Algorithms and Feature Selection Methods” (2024) Journal of Engineering, 30(07), pp. 184–201. doi:10.31026/j.eng.2024.07.11.

