在嵌入式入侵检测系统中使用遗传算法降低特征维度的性能研究

IF 2.3 4区 社会学 Q1 SOCIAL SCIENCES, INTERDISCIPLINARY
Systems Pub Date : 2024-07-08 DOI:10.3390/systems12070243
João Lobo Silva, Rui Fernandes, Nuno Lopes
{"title":"在嵌入式入侵检测系统中使用遗传算法降低特征维度的性能研究","authors":"João Lobo Silva, Rui Fernandes, Nuno Lopes","doi":"10.3390/systems12070243","DOIUrl":null,"url":null,"abstract":"Intrusion Detection Systems play a crucial role in a network. They can detect different network attacks and raise warnings on them. Machine Learning-based IDSs are trained on datasets that, due to the context, are inherently large, since they can contain network traffic from different time periods and often include a large number of features. In this paper, we present two contributions: the study of the importance of Feature Selection when using an IDS dataset, while striking a balance between performance and the number of features; and the study of the feasibility of using a low-capacity device, the Nvidia Jetson Nano, to implement an IDS. The results, comparing the GA with other well-known techniques in Feature Selection and Dimensionality Reduction, show that the GA has the best F1-score of 76%, among all feature/dimension sizes. Although the processing time to find the optimal set of features surpasses other methods, we observed that the reduction in the number of features decreases the GA processing time without a significant impact on the F1-score. The Jetson Nano allows the classification of network traffic with an overhead of 10 times in comparison to a traditional server, paving the way to a near real-time GA-based embedded IDS.","PeriodicalId":36394,"journal":{"name":"Systems","volume":"87 1","pages":""},"PeriodicalIF":2.3000,"publicationDate":"2024-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Performance Study on the Use of Genetic Algorithm for Reducing Feature Dimensionality in an Embedded Intrusion Detection System\",\"authors\":\"João Lobo Silva, Rui Fernandes, Nuno Lopes\",\"doi\":\"10.3390/systems12070243\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Intrusion Detection Systems play a crucial role in a network. They can detect different network attacks and raise warnings on them. Machine Learning-based IDSs are trained on datasets that, due to the context, are inherently large, since they can contain network traffic from different time periods and often include a large number of features. In this paper, we present two contributions: the study of the importance of Feature Selection when using an IDS dataset, while striking a balance between performance and the number of features; and the study of the feasibility of using a low-capacity device, the Nvidia Jetson Nano, to implement an IDS. The results, comparing the GA with other well-known techniques in Feature Selection and Dimensionality Reduction, show that the GA has the best F1-score of 76%, among all feature/dimension sizes. Although the processing time to find the optimal set of features surpasses other methods, we observed that the reduction in the number of features decreases the GA processing time without a significant impact on the F1-score. The Jetson Nano allows the classification of network traffic with an overhead of 10 times in comparison to a traditional server, paving the way to a near real-time GA-based embedded IDS.\",\"PeriodicalId\":36394,\"journal\":{\"name\":\"Systems\",\"volume\":\"87 1\",\"pages\":\"\"},\"PeriodicalIF\":2.3000,\"publicationDate\":\"2024-07-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Systems\",\"FirstCategoryId\":\"90\",\"ListUrlMain\":\"https://doi.org/10.3390/systems12070243\",\"RegionNum\":4,\"RegionCategory\":\"社会学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"SOCIAL SCIENCES, INTERDISCIPLINARY\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Systems","FirstCategoryId":"90","ListUrlMain":"https://doi.org/10.3390/systems12070243","RegionNum":4,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"SOCIAL SCIENCES, INTERDISCIPLINARY","Score":null,"Total":0}
引用次数: 0

摘要

入侵检测系统在网络中发挥着至关重要的作用。它们可以检测到不同的网络攻击并发出警告。基于机器学习的 IDS 是在数据集上进行训练的,由于数据集可能包含不同时间段的网络流量,而且通常包含大量特征,因此数据集的规模本身就很大。在本文中,我们做出了两项贡献:研究了使用 IDS 数据集时特征选择的重要性,同时在性能和特征数量之间取得平衡;研究了使用低容量设备 Nvidia Jetson Nano 实现 IDS 的可行性。结果显示,在所有特征/维度大小中,GA 的 F1 分数最高,达到 76%。虽然找到最佳特征集所需的处理时间超过了其他方法,但我们观察到,特征数量的减少会减少 GA 的处理时间,而不会对 F1 分数产生显著影响。Jetson Nano 可对网络流量进行分类,其开销是传统服务器的 10 倍,为实现基于 GA 的近实时嵌入式 IDS 铺平了道路。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Performance Study on the Use of Genetic Algorithm for Reducing Feature Dimensionality in an Embedded Intrusion Detection System
Intrusion Detection Systems play a crucial role in a network. They can detect different network attacks and raise warnings on them. Machine Learning-based IDSs are trained on datasets that, due to the context, are inherently large, since they can contain network traffic from different time periods and often include a large number of features. In this paper, we present two contributions: the study of the importance of Feature Selection when using an IDS dataset, while striking a balance between performance and the number of features; and the study of the feasibility of using a low-capacity device, the Nvidia Jetson Nano, to implement an IDS. The results, comparing the GA with other well-known techniques in Feature Selection and Dimensionality Reduction, show that the GA has the best F1-score of 76%, among all feature/dimension sizes. Although the processing time to find the optimal set of features surpasses other methods, we observed that the reduction in the number of features decreases the GA processing time without a significant impact on the F1-score. The Jetson Nano allows the classification of network traffic with an overhead of 10 times in comparison to a traditional server, paving the way to a near real-time GA-based embedded IDS.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Systems
Systems Decision Sciences-Information Systems and Management
CiteScore
2.80
自引率
15.80%
发文量
204
审稿时长
11 weeks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信