Ensemble-based framework for intrusion detection system

  • Authors

    • Pullagura Indira priyadarsini, Vardhaman College of Engineering
    • K. Nikhila, GITAM
    • P. Manvitha
    • P. Manvitha
    2018-11-15
    https://doi.org/10.14419/ijet.v7i4.17788
  • Accuracy, Bayesian Network, Canberra Distance, City Block Distance, Data Mining, Feature Selection, Fuzzy Logic, FAR, K Nearest Neighbor, Support Vector Machines, Prudent Intrusion Detection System, Precision.
  • Abstract

    In this digital age, data is growing faster than imaginable. One common problem in data mining is high dimensionality, which impacts the quality of training datasets and, in turn, of classification models. For an Intrusion Detection System (IDS), this leads to a high risk in identifying intrusions. The probable solution for reducing dimensionality is feature selection. Another considerable difficulty in constructing potent classification models from multiclass datasets is class imbalance, which may lead to a higher error rate and lower accuracy. To resolve these problems, we investigated ensemble feature selection and ensemble learning techniques for IDS. Ensemble models decrease the risk of selecting the wrong hypothesis and give a better approximation of the true function. This paper presents the Prudent Intrusion Detection System (PIDS) framework, which focuses on ensemble learning. It is a two-phase approach. First, two filtering approaches are merged by the Ensemble Feature Selection (EFS) algorithm. The proposed EFS algorithm is based on the fuzzy aggregation function Height with two filtering methods: Canberra distance and city block distance. Classification is then performed by the Ensemble Classification (EC) algorithm, which unifies Support Vector Machines (SVM), Bayesian Network (BN) and K Nearest Neighbor (KNN). The proposed ensemble method attained a substantial improvement in accuracy compared to single classifiers. The experiments were performed on EFS+SVM, EFS+BN, EFS+KNN and the proposed framework EFS+EC. SVM recorded an accuracy rate of 81%, K-NN recorded 82.8%, Bayes network recorded 84% and our proposed EFS+EC recorded 92%. The end results show that the PIDS framework excels as an IDS and overcomes the pitfalls of the SVM, Bayes network and K-NN classifiers.

     

     


     

  • How to Cite

    Indira priyadarsini, P., Nikhila, K., Manvitha, P., & Manvitha, P. (2018). Ensemble-based framework for intrusion detection system. International Journal of Engineering & Technology, 7(4), 4448-4454. https://doi.org/10.14419/ijet.v7i4.17788

    Received date: 2018-08-18

    Accepted date: 2018-09-04

    Published date: 2018-11-15