Improving the Performance of Intrusion Detection System through Finding the Most Effective Features

2021 International Congress of Advanced Technology and Engineering (ICOTEN) Pub Date : 2021-07-04 DOI:10.1109/ICOTEN52080.2021.9493564

A. Al-Bakaa, Bahaa Al-Musawi

{"title":"Improving the Performance of Intrusion Detection System through Finding the Most Effective Features","authors":"A. Al-Bakaa, Bahaa Al-Musawi","doi":"10.1109/ICOTEN52080.2021.9493564","DOIUrl":null,"url":null,"abstract":"In recent years, we witnessed the ensuing surge in massive numbers and types of attacks. The future years will continue these trends but at a faster pace as a result of increasing the number of devices and the development of IoT devices. Thus, it becomes really important to detect different types of threats and hence secure these resources. To that end, previous works examined different feature selection techniques and machine learning algorithms. However, they are either suffer from a low detection accuracy or are not able to detect various types of attacks particularly the low-frequency attacks like worms. In this paper, we use multiple feature selection algorithms to find the subset of the more relevant features regarding each type of attack. Forward Selection Ranking and Backward Elimination Ranking algorithms are used along with decision tree classifier and random forest classifier. The system is evaluated in terms of accuracy, precision, sensitivity, and F-score and shows very high performance in detecting all types of attacks. It can detect all types of attacks with an accuracy rate of 99.9% and 99.96% for binary classification.","PeriodicalId":308802,"journal":{"name":"2021 International Congress of Advanced Technology and Engineering (ICOTEN)","volume":"50 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Congress of Advanced Technology and Engineering (ICOTEN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICOTEN52080.2021.9493564","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

In recent years, we witnessed the ensuing surge in massive numbers and types of attacks. The future years will continue these trends but at a faster pace as a result of increasing the number of devices and the development of IoT devices. Thus, it becomes really important to detect different types of threats and hence secure these resources. To that end, previous works examined different feature selection techniques and machine learning algorithms. However, they are either suffer from a low detection accuracy or are not able to detect various types of attacks particularly the low-frequency attacks like worms. In this paper, we use multiple feature selection algorithms to find the subset of the more relevant features regarding each type of attack. Forward Selection Ranking and Backward Elimination Ranking algorithms are used along with decision tree classifier and random forest classifier. The system is evaluated in terms of accuracy, precision, sensitivity, and F-score and shows very high performance in detecting all types of attacks. It can detect all types of attacks with an accuracy rate of 99.9% and 99.96% for binary classification.

查看原文本刊更多论文

通过发现最有效的特征来提高入侵检测系统的性能

近年来，我们目睹了攻击数量和类型的激增。未来几年将继续这些趋势，但由于设备数量的增加和物联网设备的发展，这些趋势将以更快的速度发展。因此，检测不同类型的威胁并保护这些资源变得非常重要。为此，以前的工作研究了不同的特征选择技术和机器学习算法。然而，它们要么检测准确率较低，要么无法检测到各种类型的攻击，特别是蠕虫等低频攻击。在本文中，我们使用多个特征选择算法来找到针对每种攻击类型的更相关特征的子集。前向选择排序和后向消除排序算法与决策树分类器和随机森林分类器一起使用。该系统在准确性、精度、灵敏度和f分数方面进行了评估，在检测所有类型的攻击方面表现出非常高的性能。它可以检测到所有类型的攻击，准确率为99.9%，对二进制分类准确率为99.96%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2021 International Congress of Advanced Technology and Engineering (ICOTEN)

自引率

0.00%

发文量