A novel combinatorial optimization based feature selection method for network intrusion detection

A novel combinatorial optimization based feature selection method for network intrusion detection

The advancements in communication technologies and ubiquitous accessibility to a wide array of services has opened many challenges. Growing numbers of cyberattacks show that current security solutions and technologies do not provide effective safeguard against modern attacks. Intrusion is one of the...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Computers & security 2021-03, Vol.102, p.102164, Article 102164
Hauptverfasser: Nazir, Anjum, Khan, Rizwan Ahmed
Format: Artikel
Sprache:eng
Schlagworte:
Accuracy
Algorithms
Classification
Combinatorial analysis
Communications traffic
Data mining
Decision trees
Feature extraction
Feature selection
Intrusion detection
Intrusion detection systems
Machine learning
Metaheuristics
Optimization
Search methods
Security
Soft computing
Tabu search
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page 102164
container_title Computers & security
container_volume 102
creator Nazir, Anjum
Khan, Rizwan Ahmed
description The advancements in communication technologies and ubiquitous accessibility to a wide array of services has opened many challenges. Growing numbers of cyberattacks show that current security solutions and technologies do not provide effective safeguard against modern attacks. Intrusion is one of the main issue that has gone viral and can compromise the security of a network of any size. Intrusion Detection / Prevention Systems (IDS / IPS) are used to monitor, inspect and possibly block attacks. However, traditional intrusion detection techniques like signature or anomaly (network behavior) based approaches are prone to many weaknesses. Advancements in machine learning algorithms, data mining and soft computing techniques have shown potential to be used in IDS. All of these technologies, specially machine learning algorithms have to deal with the issue of high dimensionality of data /network traffic data as high dimensional data makes data sparse in hyper-space which restricts different algorithms scaling and generalization capabilities. Secondly, the problem magnitude also grows exponentially when IDS needs to make decision in a real time environment. One of the solution is to tackle this issue is to use feature selection techniques to reduce dimensionality of data. Feature selection is a process of selecting the optimal subset of features from a large feature-set to improve classification accuracy, performance and cost of extracting features. In this paper, we proposed a wrapper-based feature selection method called ’Tabu Search - Random Forest (TS-RF)’. Tabu search is used as a search method while random forest is used as a learning algorithm for Network Intrusion Detection Systems (NIDS). The proposed model is tested on the UNSW-NB15 dataset. The obtained results compared with other feature selection approaches. Results show that TS-RF improves classification accuracy while reducing number of features and false positive rate simultaneously.
doi_str_mv 10.1016/j.cose.2020.102164
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2504808649</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><els_id>S0167404820304375</els_id><sourcerecordid>2504808649</sourcerecordid><originalsourceid>FETCH-LOGICAL-c328t-9d5dda4dae0c3d5d6a09d4657979465937dc9d4ce6ce1d7b34e9fad153b908c23</originalsourceid><addsrcrecordid>eNp9UElLxDAUDqLguPwBTwHPHZN0S8DLMLjBgBc9hzR5xdS2GZN0RH-9qfXs6T2-5S0fQleUrCmh1U231i7AmhE2A4xWxRFaUV6zrGKEH6NVEtVZQQp-is5C6AihdcX5CqkNHt0Beqzd0NhRReet6rHbRzvYbxWtG3GjAhjcgoqTBxygB_2LDxDfXCKcxyPET-ffsR2jn8JMGoiL7AKdtKoPcPlXz9Hr_d3L9jHbPT88bTe7TOeMx0yY0hhVGAVE56mvFBGmqMpa1CIVkddGJ0BDpYGauskLEK0ytMwbQbhm-Tm6XubuvfuYIETZucmPaaVkZXqc8KoQScUWlfYuBA-t3Hs7KP8lKZFzlLKTc5RyjlIuUSbT7WKCdP_BgpdBWxg1GOvTk9I4-5_9BzfSfws</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2504808649</pqid></control><display><type>article</type><title>A novel combinatorial optimization based feature selection method for network intrusion detection</title><source>Elsevier ScienceDirect Journals</source><creator>Nazir, Anjum ; Khan, Rizwan Ahmed</creator><creatorcontrib>Nazir, Anjum ; Khan, Rizwan Ahmed</creatorcontrib><description>The advancements in communication technologies and ubiquitous accessibility to a wide array of services has opened many challenges. Growing numbers of cyberattacks show that current security solutions and technologies do not provide effective safeguard against modern attacks. Intrusion is one of the main issue that has gone viral and can compromise the security of a network of any size. Intrusion Detection / Prevention Systems (IDS / IPS) are used to monitor, inspect and possibly block attacks. However, traditional intrusion detection techniques like signature or anomaly (network behavior) based approaches are prone to many weaknesses. Advancements in machine learning algorithms, data mining and soft computing techniques have shown potential to be used in IDS. All of these technologies, specially machine learning algorithms have to deal with the issue of high dimensionality of data /network traffic data as high dimensional data makes data sparse in hyper-space which restricts different algorithms scaling and generalization capabilities. Secondly, the problem magnitude also grows exponentially when IDS needs to make decision in a real time environment. One of the solution is to tackle this issue is to use feature selection techniques to reduce dimensionality of data. Feature selection is a process of selecting the optimal subset of features from a large feature-set to improve classification accuracy, performance and cost of extracting features. In this paper, we proposed a wrapper-based feature selection method called ’Tabu Search - Random Forest (TS-RF)’. Tabu search is used as a search method while random forest is used as a learning algorithm for Network Intrusion Detection Systems (NIDS). The proposed model is tested on the UNSW-NB15 dataset. The obtained results compared with other feature selection approaches. Results show that TS-RF improves classification accuracy while reducing number of features and false positive rate simultaneously.</description><identifier>ISSN: 0167-4048</identifier><identifier>EISSN: 1872-6208</identifier><identifier>DOI: 10.1016/j.cose.2020.102164</identifier><language>eng</language><publisher>Amsterdam: Elsevier Ltd</publisher><subject>Accuracy ; Algorithms ; Classification ; Combinatorial analysis ; Communications traffic ; Data mining ; Decision trees ; Feature extraction ; Feature selection ; Intrusion detection ; Intrusion detection systems ; Machine learning ; Metaheuristics ; Optimization ; Search methods ; Security ; Soft computing ; Tabu search</subject><ispartof>Computers &amp; security, 2021-03, Vol.102, p.102164, Article 102164</ispartof><rights>2020 Elsevier Ltd</rights><rights>Copyright Elsevier Sequoia S.A. Mar 2021</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c328t-9d5dda4dae0c3d5d6a09d4657979465937dc9d4ce6ce1d7b34e9fad153b908c23</citedby><cites>FETCH-LOGICAL-c328t-9d5dda4dae0c3d5d6a09d4657979465937dc9d4ce6ce1d7b34e9fad153b908c23</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://www.sciencedirect.com/science/article/pii/S0167404820304375$$EHTML$$P50$$Gelsevier$$H</linktohtml><link.rule.ids>314,776,780,3537,27901,27902,65306</link.rule.ids></links><search><creatorcontrib>Nazir, Anjum</creatorcontrib><creatorcontrib>Khan, Rizwan Ahmed</creatorcontrib><title>A novel combinatorial optimization based feature selection method for network intrusion detection</title><title>Computers &amp; security</title><description>The advancements in communication technologies and ubiquitous accessibility to a wide array of services has opened many challenges. Growing numbers of cyberattacks show that current security solutions and technologies do not provide effective safeguard against modern attacks. Intrusion is one of the main issue that has gone viral and can compromise the security of a network of any size. Intrusion Detection / Prevention Systems (IDS / IPS) are used to monitor, inspect and possibly block attacks. However, traditional intrusion detection techniques like signature or anomaly (network behavior) based approaches are prone to many weaknesses. Advancements in machine learning algorithms, data mining and soft computing techniques have shown potential to be used in IDS. All of these technologies, specially machine learning algorithms have to deal with the issue of high dimensionality of data /network traffic data as high dimensional data makes data sparse in hyper-space which restricts different algorithms scaling and generalization capabilities. Secondly, the problem magnitude also grows exponentially when IDS needs to make decision in a real time environment. One of the solution is to tackle this issue is to use feature selection techniques to reduce dimensionality of data. Feature selection is a process of selecting the optimal subset of features from a large feature-set to improve classification accuracy, performance and cost of extracting features. In this paper, we proposed a wrapper-based feature selection method called ’Tabu Search - Random Forest (TS-RF)’. Tabu search is used as a search method while random forest is used as a learning algorithm for Network Intrusion Detection Systems (NIDS). The proposed model is tested on the UNSW-NB15 dataset. The obtained results compared with other feature selection approaches. Results show that TS-RF improves classification accuracy while reducing number of features and false positive rate simultaneously.</description><subject>Accuracy</subject><subject>Algorithms</subject><subject>Classification</subject><subject>Combinatorial analysis</subject><subject>Communications traffic</subject><subject>Data mining</subject><subject>Decision trees</subject><subject>Feature extraction</subject><subject>Feature selection</subject><subject>Intrusion detection</subject><subject>Intrusion detection systems</subject><subject>Machine learning</subject><subject>Metaheuristics</subject><subject>Optimization</subject><subject>Search methods</subject><subject>Security</subject><subject>Soft computing</subject><subject>Tabu search</subject><issn>0167-4048</issn><issn>1872-6208</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><recordid>eNp9UElLxDAUDqLguPwBTwHPHZN0S8DLMLjBgBc9hzR5xdS2GZN0RH-9qfXs6T2-5S0fQleUrCmh1U231i7AmhE2A4xWxRFaUV6zrGKEH6NVEtVZQQp-is5C6AihdcX5CqkNHt0Beqzd0NhRReet6rHbRzvYbxWtG3GjAhjcgoqTBxygB_2LDxDfXCKcxyPET-ffsR2jn8JMGoiL7AKdtKoPcPlXz9Hr_d3L9jHbPT88bTe7TOeMx0yY0hhVGAVE56mvFBGmqMpa1CIVkddGJ0BDpYGauskLEK0ytMwbQbhm-Tm6XubuvfuYIETZucmPaaVkZXqc8KoQScUWlfYuBA-t3Hs7KP8lKZFzlLKTc5RyjlIuUSbT7WKCdP_BgpdBWxg1GOvTk9I4-5_9BzfSfws</recordid><startdate>202103</startdate><enddate>202103</enddate><creator>Nazir, Anjum</creator><creator>Khan, Rizwan Ahmed</creator><general>Elsevier Ltd</general><general>Elsevier Sequoia S.A</general><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>K7.</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>202103</creationdate><title>A novel combinatorial optimization based feature selection method for network intrusion detection</title><author>Nazir, Anjum ; Khan, Rizwan Ahmed</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c328t-9d5dda4dae0c3d5d6a09d4657979465937dc9d4ce6ce1d7b34e9fad153b908c23</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Accuracy</topic><topic>Algorithms</topic><topic>Classification</topic><topic>Combinatorial analysis</topic><topic>Communications traffic</topic><topic>Data mining</topic><topic>Decision trees</topic><topic>Feature extraction</topic><topic>Feature selection</topic><topic>Intrusion detection</topic><topic>Intrusion detection systems</topic><topic>Machine learning</topic><topic>Metaheuristics</topic><topic>Optimization</topic><topic>Search methods</topic><topic>Security</topic><topic>Soft computing</topic><topic>Tabu search</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Nazir, Anjum</creatorcontrib><creatorcontrib>Khan, Rizwan Ahmed</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>ProQuest Criminal Justice (Alumni)</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>Computers &amp; security</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Nazir, Anjum</au><au>Khan, Rizwan Ahmed</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A novel combinatorial optimization based feature selection method for network intrusion detection</atitle><jtitle>Computers &amp; security</jtitle><date>2021-03</date><risdate>2021</risdate><volume>102</volume><spage>102164</spage><pages>102164-</pages><artnum>102164</artnum><issn>0167-4048</issn><eissn>1872-6208</eissn><abstract>The advancements in communication technologies and ubiquitous accessibility to a wide array of services has opened many challenges. Growing numbers of cyberattacks show that current security solutions and technologies do not provide effective safeguard against modern attacks. Intrusion is one of the main issue that has gone viral and can compromise the security of a network of any size. Intrusion Detection / Prevention Systems (IDS / IPS) are used to monitor, inspect and possibly block attacks. However, traditional intrusion detection techniques like signature or anomaly (network behavior) based approaches are prone to many weaknesses. Advancements in machine learning algorithms, data mining and soft computing techniques have shown potential to be used in IDS. All of these technologies, specially machine learning algorithms have to deal with the issue of high dimensionality of data /network traffic data as high dimensional data makes data sparse in hyper-space which restricts different algorithms scaling and generalization capabilities. Secondly, the problem magnitude also grows exponentially when IDS needs to make decision in a real time environment. One of the solution is to tackle this issue is to use feature selection techniques to reduce dimensionality of data. Feature selection is a process of selecting the optimal subset of features from a large feature-set to improve classification accuracy, performance and cost of extracting features. In this paper, we proposed a wrapper-based feature selection method called ’Tabu Search - Random Forest (TS-RF)’. Tabu search is used as a search method while random forest is used as a learning algorithm for Network Intrusion Detection Systems (NIDS). The proposed model is tested on the UNSW-NB15 dataset. The obtained results compared with other feature selection approaches. Results show that TS-RF improves classification accuracy while reducing number of features and false positive rate simultaneously.</abstract><cop>Amsterdam</cop><pub>Elsevier Ltd</pub><doi>10.1016/j.cose.2020.102164</doi></addata></record>
fulltext fulltext
identifier ISSN: 0167-4048
ispartof Computers & security, 2021-03, Vol.102, p.102164, Article 102164
issn 0167-4048
1872-6208
language eng
recordid cdi_proquest_journals_2504808649
source Elsevier ScienceDirect Journals
subjects Accuracy
Algorithms
Classification
Combinatorial analysis
Communications traffic
Data mining
Decision trees
Feature extraction
Feature selection
Intrusion detection
Intrusion detection systems
Machine learning
Metaheuristics
Optimization
Search methods
Security
Soft computing
Tabu search
title A novel combinatorial optimization based feature selection method for network intrusion detection
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-30T20%3A54%3A21IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20novel%20combinatorial%20optimization%20based%20feature%20selection%20method%20for%20network%20intrusion%20detection&rft.jtitle=Computers%20&%20security&rft.au=Nazir,%20Anjum&rft.date=2021-03&rft.volume=102&rft.spage=102164&rft.pages=102164-&rft.artnum=102164&rft.issn=0167-4048&rft.eissn=1872-6208&rft_id=info:doi/10.1016/j.cose.2020.102164&rft_dat=%3Cproquest_cross%3E2504808649%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2504808649&rft_id=info:pmid/&rft_els_id=S0167404820304375&rfr_iscdi=true