UPM Institutional Repository

Performance evaluation of intrusion detection system using selected features and machine learning classifiers


Citation

Raja Mahmood, Raja Azlina and Abdi, AmirHossien and Hussin, Masnida (2021) Performance evaluation of intrusion detection system using selected features and machine learning classifiers. Baghdad Science Journal, 18 (suppl.2). 884 - 898. ISSN 2078-8665; ESSN: 2411-7986

Abstract

Some of the main challenges in developing an effective network-based intrusion detection system (IDS) include analyzing large network traffic volumes and realizing the decision boundaries between normal and abnormal behaviors. Deploying feature selection together with efficient classifiers in the detection system can overcome these problems. Feature selection finds the most relevant features, thus reduces the dimensionality and complexity to analyze the network traffic. Moreover, using the most relevant features to build the predictive model, reduces the complexity of the developed model, thus reducing the building classifier model time and consequently improves the detection performance. In this study, two different sets of selected features have been adopted to train four machine-learning based classifiers. The two sets of selected features are based on Genetic Algorithm (GA) and Particle Swarm Optimization (PSO) approach respectively. These evolutionary-based algorithms are known to be effective in solving optimization problems. The classifiers used in this study are Naïve Bayes, k-Nearest Neighbor, Decision Tree and Support Vector Machine that have been trained and tested using the NSL-KDD dataset. The performance of the abovementioned classifiers using different features values was evaluated. The experimental results indicate that the detection accuracy improves by approximately 1.55% when implemented using the PSO-based selected features than that of using GA-based selected features. The Decision Tree classifier that was trained with PSO-based selected features outperformed other classifiers with accuracy, precision, recall, and f-score result of 99.38%, 99.36%, 99.32%, and 99.34% respectively. The results show that using optimal features coupling with a good classifier in a detection system able to reduce the classifier model building time, reduce the computational burden to analyze data, and consequently attain high detection rate.


Download File

Full text not available from this repository.

Additional Metadata

Item Type: Article
Divisions: Faculty of Computer Science and Information Technology
DOI Number: https://doi.org/10.21123/bsj.2021.18.2(Suppl.).0884
Publisher: College of Science for Women, University of Baghdad
Keywords: Intrusion detection system; Machine learning classifiers; Performance evaluation; Selected features
Depositing User: Mas Norain Hashim
Date Deposited: 02 Dec 2022 08:13
Last Modified: 02 Dec 2022 08:13
Altmetrics: http://www.altmetric.com/details.php?domain=psasir.upm.edu.my&doi=10.21123/bsj.2021.18.2(Suppl.).0884
URI: http://psasir.upm.edu.my/id/eprint/94543
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item