Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model

Author First name, Last name, Institution

Shadi Aljawarneh, Jordan University of Science and Technology
Monther Aldwairi, Jordan University of Science and Technology
Muneer Bani Yassein, Jordan University of Science and Technology

Document Type

Article

Source of Publication

Journal of Computational Science

Publication Date

3-1-2018

Abstract

© 2017 Elsevier B.V. Efficiently detecting network intrusions requires the gathering of sensitive information. This means that one has to collect large amounts of network transactions including high details of recent network transactions. Assessments based on meta-heuristic anomaly are important in the intrusion related network transaction data's exploratory analysis. These assessments are needed to make and deliver predictions related to the intrusion possibility based on the available attribute details that are involved in the network transaction. We were able to utilize the NSL-KDD data set, the binary and multiclass problem with a 20% testing dataset. This paper develops a new hybrid model that can be used to estimate the intrusion scope threshold degree based on the network transaction data's optimal features that were made available for training. The experimental results revealed that the hybrid approach had a significant effect on the minimisation of the computational and time complexity involved when determining the feature association impact scale. The accuracy of the proposed model was measured as 99.81% and 98.56% for the binary class and multiclass NSL-KDD data sets, respectively. However, there are issues with obtaining high false and low false negative rates. A hybrid approach with two main parts is proposed to address these issues. First, data needs to be filtered using the Vote algorithm with Information Gain that combines the probability distributions of these base learners in order to select the important features that positively affect the accuracy of the proposed model. Next, the hybrid algorithm consists of following classifiers: J48, Meta Pagging, RandomTree, REPTree, AdaBoostM1, DecisionStump and NaiveBayes. Based on the results obtained using the proposed model, we observe improved accuracy, high false negative rate, and low false positive rule.

DOI Link

10.1016/j.jocs.2017.03.006

ISSN

1877-7503

Publisher

Elsevier B.V.

Volume

25

First Page

152

Last Page

160

Disciplines

Computer Sciences

Keywords

Association impact scale, Correlation analysis, Feature reduction, Intrusion detection

Scopus ID

85016025969

Recommended Citation

Aljawarneh, Shadi; Aldwairi, Monther; and Yassein, Muneer Bani, "Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model" (2018). All Works. 511.
https://zuscholars.zu.ac.ae/works/511

Indexed in Scopus

yes

Open Access

no