Previous approaches to modeling Intrusion Detection Systems (IDS) have been twofold: improving detection models through (i) feature selection of audit data using wrapper and filter methods and (ii) parameter optimization of the detection model design, based on classification, clustering algorithms, etc. In this paper, we present three approaches to modeling IDS in the context of feature selection and parameter optimization. First, we present Fusion of Genetic Algorithm (GA) and Support Vector Machines (SVM) (FuGAS), which combines GA and SVM through genetic operations and is capable of building an optimal detection model with only the selected important features and optimal parameter values. Second, we present Correlation-based Hybrid Feature Selection (CoHyFS), which uses a filter method in conjunction with GA for feature selection in order to reduce long training time. Third, we present Simultaneous Intrinsic Model Identification (SIMI), which adopts Random Forest (RF) and shows better intrusion detection rates and feature selection results, with no additional computational overhead. We show the experimental results and analysis of the three approaches on the KDD 1999 intrusion detection datasets.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Dong Seong KIM, Jong Sou PARK, "Modeling Network Intrusion Detection System Using Feature Selection and Parameters Optimization" in IEICE TRANSACTIONS on Information, vol. E91-D, no. 4, pp. 1050-1057, April 2008, doi: 10.1093/ietisy/e91-d.4.1050.
URL: https://globals.ieice.org/en_transactions/information/10.1093/ietisy/e91-d.4.1050/_p
@ARTICLE{e91-d_4_1050,
author={Dong Seong KIM and Jong Sou PARK},
journal={IEICE TRANSACTIONS on Information},
title={Modeling Network Intrusion Detection System Using Feature Selection and Parameters Optimization},
year={2008},
volume={E91-D},
number={4},
pages={1050-1057},
keywords={},
doi={10.1093/ietisy/e91-d.4.1050},
ISSN={1745-1361},
month={April}
}
TY - JOUR
TI - Modeling Network Intrusion Detection System Using Feature Selection and Parameters Optimization
T2 - IEICE TRANSACTIONS on Information
SP - 1050
EP - 1057
AU - Dong Seong KIM
AU - Jong Sou PARK
PY - 2008
DO - 10.1093/ietisy/e91-d.4.1050
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E91-D
IS - 4
JA - IEICE TRANSACTIONS on Information
Y1 - April 2008
ER -