Efficient Intrusion Detection Through the Fusion of AI Algorithms and Feature Selection Methods
Abstract
With the proliferation of both Internet access and data traffic, recent breaches have brought into sharp focus the need for Network Intrusion Detection Systems (NIDS) to protect networks from more complex cyberattacks. To differentiate between normal network activity and possible attacks, Intrusion Detection Systems (IDS) often employ pattern recognition and data mining techniques. An IDS can automatically detect and classify network and host system intrusions, attacks, and policy violations. Using Python Scikit-Learn, this study shows that Machine Learning (ML) techniques such as Decision Tree (DT), Naïve Bayes (NB), and K-Nearest Neighbor (KNN) can enhance the effectiveness of an IDS. Performance is measured by a variety of metrics, including accuracy, precision, recall, F1-Score, and execution time. Applying feature selection approaches such as Analysis of Variance (ANOVA), Mutual Information (MI), and Chi-Square (Ch-2) reduced execution time, increased detection efficiency and accuracy, and boosted overall performance. All classifiers achieve their best performance, with 99.99% accuracy and the shortest computation time of 0.0089 seconds, when using ANOVA with 10% of features.
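The ANOVA step the abstract describes, keeping the top 10% of features before classification, as an added example that is not the authors' code: it is written in plain Python rather than Scikit-Learn, and the 20-column data set, the informative columns 3 and 11, and all function names are constructed for illustration.

```python
import random

def anova_f(column, labels):
    """One-way ANOVA F statistic of a single feature against the class labels."""
    groups = {}
    for x, y in zip(column, labels):
        groups.setdefault(y, []).append(x)
    grand = sum(column) / len(column)
    between = within = 0.0
    for g in groups.values():
        m = sum(g) / len(g)
        between += len(g) * (m - grand) ** 2      # variance explained by the class
        within += sum((x - m) ** 2 for x in g)    # variance left inside each class
    if within == 0.0:                             # constant within every class
        return float("inf") if between > 0 else 0.0
    return (between / (len(groups) - 1)) / (within / (len(column) - len(groups)))

def select_top_percent(X, y, percent=10):
    """Sorted indices of the top `percent` of features ranked by F score."""
    n_features = len(X[0])
    scores = [anova_f([row[j] for row in X], y) for j in range(n_features)]
    keep = max(1, n_features * percent // 100)
    ranked = sorted(range(n_features), key=lambda j: scores[j], reverse=True)
    return sorted(ranked[:keep])

def knn_accuracy(train_X, train_y, test_X, test_y, cols, k=3):
    """Accuracy of a k-nearest-neighbour vote that only looks at `cols`."""
    hits = 0
    for row, truth in zip(test_X, test_y):
        nearest = sorted((sum((row[j] - other[j]) ** 2 for j in cols), label)
                         for other, label in zip(train_X, train_y))[:k]
        votes = [label for _, label in nearest]
        hits += max(set(votes), key=votes.count) == truth
    return hits / len(test_y)

def make_flows(n=200, n_features=20, informative=(3, 11), seed=7):
    """Constructed records: label 1 ("attack") shifts only the informative columns."""
    rng = random.Random(seed)
    X, y = [], []
    for i in range(n):
        row = [rng.gauss(0, 1) for _ in range(n_features)]
        for j in informative:
            row[j] += 4.0 * (i % 2)
        X.append(row)
        y.append(i % 2)
    return X, y

X, y = make_flows()
selected = select_top_percent(X[:150], y[:150])   # scored on training rows only
print("kept features:", selected)
print("KNN accuracy:", knn_accuracy(X[:150], y[:150], X[150:], y[150:], selected))
```

Scoring the features on the training rows only keeps the held-out rows from influencing which columns are kept.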