Majority Voting and Feature Selection Based Network Intrusion Detection System
DOI:
https://doi.org/10.4108/eai.4-4-2022.173780Keywords:
Network Intrusion detection system, Feature selection, Majority voting, Machine learning, NSL_KDD, Network securityAbstract
Attackers continually foster new endeavours and attack strategies meant to keep away from safeguards. Many attacks have an effect on other malware or social engineering to collect consumer credentials that grant them get access to network and data. A network intrusion detection system (NIDS) is essential for network safety because it empowers to understand and react to malicious traffic. In this paper, we propose a feature selection and majority voting based solutions for detecting intrusions. A multi-model intrusion detection system is designed using Majority Voting approach. Our proposed approach was tested on a NSL-KDD benchmark dataset. The experimental results show that models based on Majority Voting and Chi-square features selection method achieved the best accuracy of 99.50% with error-rate of 0.501%, FPR of 0.005 and FNR of 0.005 using only 14 features.
References
Leevy, J. L., Khoshgoftaar, T. M. A survey and analysis of intrusion detection models based on cse-cic-ids2018 big data. Journal of Big Data, 2020, 7(1), 1-19.
Khraisat, A., Gondal, I., Vamplew, P., Kamruzzaman, J. Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity, 2019, 2(1), 1-22.
Laghrissi, F., Douzi, S., Douzi, K., Hssina, B. Intrusion detection systems using long short-term memory (LSTM). Journal of Big Data, 2021, 8(1), 1-16.
Megantara, A. A., & Ahmad, T. A hybrid machine learning method for increasing the performance of network intrusion detection systems. Journal of Big Data, 2021, 8(1), 1-19.
Jadhav, A. D., Pellakuri, V. Highly Accurate and Efficient Two Phase-Intrusion Detection System (TP-IDS) using Distributed Processing of HADOOP & Machine Learning Techniques, 2021.
Divyasree, T. H., Sherly, K. K. A network intrusion detection system based on ensemble CVM using efficient feature selection approach. Procedia computer science, 2018, 143, 442-449.
Ashiku, L., Dagli, C. Network Intrusion Detection System using Deep Learning. Procedia Computer Science, 2021, 185, 239-247.
Di Mauro, M., Galatro, G., Fortino, G., Liotta, A. (2021). Supervised feature selection techniques in network intrusion detection: A critical review. Engineering Applications of Artificial Intelligence, 2021, 101, 104216.
Lansky, J., Ali, S., Mohammadi, M., Majeed, M. K., Karim, S.
H. T., Rashidi, S., Rahmani, A. M. Deep learning-based intrusion detection systems: a systematic review. IEEE Access, 2021, 9, 101574-101599.
Ahmad, Z., Shahid Khan, A., Wai Shiang, C., Abdullah, J., Ahmad, F. Network intrusion detection system: A systematic study of machine learning and deep learning approaches. Transactions on Emerging Telecommunications Technologies, 2021, 32(1), e4150.
Hamid, Y., Balasaraswathi, V. R., Journaux, L., Sugumaran,
M. Benchmark Datasets for Network Intrusion Detection: A Review. Int. J. Netw. Secur., 2018, 20(4), 645-654.
Masdari, M., Khezri, H. A survey and taxonomy of the fuzzy signature-based intrusion detection systems. Applied Soft Computing, 2020, 92, 106301.
Elmasry, W., Akbulut, A., Zaim, A. H. A Design of an Integrated Cloud-based Intrusion Detection System with Third Party Cloud Service. Open Computer Science, 2021, 11(1), 365-379.
Sistla, V. P. K., Kolli, V. K. K., Voggu, L. K., Bhavanam, R., Vallabhasoyula, S. Predictive Model for Network Intrusion Detection System Using Deep Learning. Rev. d'Intelligence Artif., 2020, 34(3), 323-330.
Sohi, S. M., Seifert, J. P., Ganji, F. RNNIDS: Enhancing network intrusion detection systems through deep learning. Computers & Security, 2021, 102, 102151.
Zhou, Y., Cheng, G., Jiang, S., Dai, M. Building an efficient intrusion detection system based on feature selection and ensemble classifier. Computer networks, 2020, 174, 107247.
Mane, S., Rao, D. Explaining Network Intrusion Detection System Using Explainable AI Framework. arXiv preprint arXiv:2103.07110. 2021.
Guezzaz, A., Benkirane, S., Azrour, M., Khurram, S. A Reliable Network Intrusion Detection Approach Using Decision Tree with Enhanced Data Quality. Security and Communication Networks, 2021.
Li, L., Yu, Y., Bai, S., Cheng, J., Chen, X. Towards effective network intrusion detection: A hybrid model integrating gini index and GBDT with PSO. Journal of Sensors, 2018.
Moualla, S., Khorzom, K., Jafar, A. Improving the Performance of Machine Learning-Based Network Intrusion Detection Systems on the UNSW-NB15 Dataset. Computational Intelligence and Neuroscience, 2021.
Xu, W., Fan, Y., Li, C. I2DS: Interpretable Intrusion Detection System Using Autoencoder and Additive Tree. Security and Communication Networks, 2021.
Kabir, E., Hu, J., Wang, H., Zhuo, G. A novel statistical technique for intrusion detection systems. Future Generation Computer Systems, 79, 303-318, 2018.
Zhang, F., Wang, Y., Liu, S., Wang, H. Decision-based evasion attacks on tree ensemble classifiers. World Wide Web, 23(5), 2957-2977, 2020.
Rasool, R. U., Ahmed, K., Anwar, Z., Wang, H., Ashraf, U., Rafique, W. CyberPulse++: A machine learning‐based security framework for detecting link flooding attacks in software defined networks. International Journal of Intelligent Systems, 36(8), 3852-3879, 2021.
Rasool, R. U., Ashraf, U., Ahmed, K., Wang, H., Rafique, W., & Anwar, Z. Cyberpulse: a machine learning based link flooding attack mitigation system for software defined networks. IEEE Access, 7, 34885-34899, 2019.
Patil, D. R., Patil, J. B. Malicious web pages’ detection using feature selection techniques and machine learning. International Journal of High Performance Computing and Networking, 2019, 14(4), 473-488.
Patil, D. R., Pattewar, T. M. A comparative performance evaluation of machine learning-based NIDS on benchmark datasets. International Journal of Research in Advent Technology, 2014, 2(2), 101-106.
Kshirsagar, V. P., Patil, D. R. An overview of adaboost-based NIDS and performance evaluation on NSL-KDD dataset. International Journal of Computer Engineering and Computer Application, 2010, 1.
Basnet, R. B., Sung, A. H., Liu, Q. Feature selection for improved phishing detection. In: International Conference on Industrial, Engineering and Other Applications of Applied Intelligent Systems, Springer, Berlin, Heidelberg, 2012, pp. 252-261
Rajab, K. D. New hybrid features selection method: A case study on websites phishing. Security and Communication Networks, 2017.
Weka 3.9: Data Mining Software in Java [online] http://www.cs.waikato.ac.nz/ml/weka/ (accessed 15 November 2021).
A Brief Introduction to XGBoost, https://towardsdatascience.com/a-brief-introduction-to-xgboost-3eaee2e3e5d6 / (accessed 15 November 2021).
Quinlan, J. R. Induction of decision trees. Machine learning, 1986, 1(1), 81-106.
Schapire, R. E. Explaining adaboost. In: Empirical inference. Springer, Berlin, Heidelberg, 2013, pp. 37-52.
Houtao Deng, An Introduction to Random Forest, https://towardsdatascience.com/random-forest-3a55c3aca46d (accessed 15 November 2021).
REPTree:http://weka.sourceforge.net/doc.dev/weka/classifier s/trees/REPTree.html (accessed 15 November 2021).
EnsembleVoteClassifier:https://rasbt.github.io/mlxtend/user_guide/classifier/EnsembleVoteClassifier/, (accessed 15 November 2021).
EnsembleWeka: How to Use Ensemble Machine Learning Algorithms in Weka, http://machinelearningmastery.com/use-ensemble-machine-learning-algorithms-weka/
(accessed 15 November 2021).
Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A. A. A detailed analysis of the KDD CUP 99 data set. In: 2009 IEEE symposium on computational intelligence for security and defense applications, IEEE, 2009, pp. 1-6.
NSL-KDD dataset, https://www.unb.ca/cic/datasets/nsl.html,(accessed 15 November 2021).
Saito, T. and Rehmsmeier, M. Basic Evaluation Measures from the Confusion Matrix. https://classeval.wordpress.com/%20introduction/basic-evaluation-measures/, (accessed 15 November 2021).
Ahmim, A., Maglaras, L., Ferrag, M. A., Derdour, M., Janicke,
H. A novel hierarchical intrusion detection system based on decision tree and rules-based models. In: 2019 15th International Conference on Distributed Computing in Sensor Systems (DCOSS), IEEE, 2019, pp. 228-233.
Fang, W., Tan, X., Wilbur, D. Application of intrusion detection technology in network safety based on machine learning. Safety Science, 2020, 124, 104604.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2022 EAI Endorsed Transactions on Scalable Information Systems
This work is licensed under a Creative Commons Attribution 3.0 Unported License.
This is an open access article distributed under the terms of the CC BY-NC-SA 4.0, which permits copying, redistributing, remixing, transformation, and building upon the material in any medium so long as the original work is properly cited.