RFA Reinforced Firefly Algorithm to Identify Optimal Feature Subsets for Network IDS

RFA Reinforced Firefly Algorithm to Identify Optimal Feature Subsets for Network IDS

R. Rajakumar (Madanapalle Institute of Technology and Science, Madanapalle, India), K. Dinesh (Madanapalle Institute of Technology and Science, Madanapalle, India), Ankur Dumka (Graphic Era University (Deemed), Dehradun, India) and Jayakumar L (Vel Tech Rangarajan Dr.Sagunthala R&D Institute of Science and Technology, Chennai, India)
Copyright: © 2020 |Pages: 20
DOI: 10.4018/IJGHPC.2020070105


Intrusion detection systems (IDS's) play a vital role in network security to prevent the unauthorized use of data over networks. The feature selection approach is an important paradigm to strengthen IDS systems. In this article, a reinforced firefly-based feature selection model is proposed. This model utilizes the firefly inspired optimizer to select the features and it combines filter-based and wrapper-based approaches to boost the optimizer approach of the significant feature subset. In addition to that, novel classifiers are used to validate the efficiency of the selected subset. The proposed work is tested on the KDD Cup99 data sets which include 41 different features. Experimental results convey that the proposed work outperforms in terms of better detection accuracy, FPR and F-score. Also, it achieves better classification accuracy and less computational complexity compared to other algorithms.
Article Preview

1. Introduction

Owing to the rapid development of sophisticated attacks in computer networks, significant growth in network security has been taken place. Though traditional security methods reside in the network security it fails to defend the malicious attacks due to the fast growth of intrusion techniques. To address this issue, novel defense techniques such as intrusion detection system (IDS) are developed to improve network security (Kang & Kim 2016; Paliwal & Gupta 2012; Sabhnani & Serpen 2003; Azad & Jha 2013; Balajinath & Raghaven 2001; NSL-KDD n.d.; Chandrashekar & Sahin 2014). IDS plays an important role for the development of network security where it includes many applications influencing integrity, privacy and accessibility. It is demarcated as a software or hardware that observes internal or external cyber-attacks. It examines the system and user operations by investigating and identifying the models of known attacks and detects the abnormal network functionality. In addition to that, IDS have two main categories i.e. host based IDS (HIDS) and network based IDS (NIDS) (Bhuyan et al., 2013). Host IDS run on personal networks or devices on the network which monitors the inner actions in a computing system. On the other hand, Network IDS detect potential cyber-attacks based on network traffic patterns. It also builds a computation task to predict model and distinguish between “bad” (attacks or intrusions) and “good” (normal) connections.

Generally, IDS based detection systems are classified into three broad categories viz., misuse-based detection, anomaly-based detection and hybrid IDS. Misuse based or signature-based detection holds predefined rules or signatures to identify anonymous attacks. Anomaly detection creates a standard activity profile to identify the anonymous attacks by monitoring the variation in their established standard activities (Karimipour & Dinavahi, 2017). Hybrid IDS detects both the known and unknown attacks in the network. Currently, a wide range of IDS system uses the data mining mechanisms for spotting intrusions. Most of the NIDS based works utilize all features to detect the unknown attacks, but all the features are not required to detect the attacks. The selected numbers of features are enough to detect the attacks as well as to minimize the detection time and maximize the detection accuracy rate.

Feature selection (FS) is mechanisms which preprocess the data by identifying the significant features and eradicating the redundant and false features. Significant features are quite important to determine the high accuracy rate as well as for the smoothening of the classifier operation (Peng et al., 2005). However, the insignificant features provide the false positive rate and hold the same information like significant features which in result degrades the performance of the classifier operation. Some of the advantages of FS are data analyzing, irrelevant data elimination and minimization of computation cost (El-Hkatib, 2009). To validate the significant features enormous classifiers are introduced such as SVM (Fung & Mangasarian, 2004; Lee & Mangasarian, 2001), C4.5, Random Forest, K-means, Decision Tree, Fuzzy Logic and Bayesian Network classifier (Çavuşoğlu 2019).

In this article, we merged filter and wrapper-based feature selection techniques to determine the suitable features to detect the network intrusion. In addition to that, reinforced firefly algorithm has been incorporated with the wrapper-based techniques to boost up the selection of the significant features. The objective of this paper is to select the promising features to reduce the detection time by identifying the attacks reside in the network. The proposed work mainly focuses on the meta-heuristic algorithm namely reinforced firefly algorithm for feature selection with Bayesian Network classifier and SVM Classifier. Reinforced firefly algorithm has been improvised with an efficient exploration technique namely Levy Flight which aids the proposed algorithm to select the appropriate features by utilizing the global search space. The aim of this paper is to provide the prominent accuracy and less false positive rate with the aid of the wrapper technique and filter technique. Efficacy of the proposed technique is measured using the KDD Cup 99 intrusion detection dataset. In order to measure the performance of the proposed work, state-of-art meta-heuristics algorithm such as GA, PSO and FA are used respectively.

Complete Article List

Search this Journal:
Open Access Articles: Forthcoming
Volume 13: 4 Issues (2021): Forthcoming, Available for Pre-Order
Volume 12: 4 Issues (2020): 3 Released, 1 Forthcoming
Volume 11: 4 Issues (2019)
Volume 10: 4 Issues (2018)
Volume 9: 4 Issues (2017)
Volume 8: 4 Issues (2016)
Volume 7: 4 Issues (2015)
Volume 6: 4 Issues (2014)
Volume 5: 4 Issues (2013)
Volume 4: 4 Issues (2012)
Volume 3: 4 Issues (2011)
Volume 2: 4 Issues (2010)
Volume 1: 4 Issues (2009)
View Complete Journal Contents Listing