Enhanced feature selection and classification methods for intrusion detection systems

Abstract

Over the most recent years, computer networks have developed in size and complexity drastically and Intrusion Detection System (IDS) becomes a critical part of system framework. An IDS has to encounter the challenges like low detection rate and large computation. Poor feature selection in IDS can influence the accuracy of machine learning algorithms badly which leads to errors in the form of False Negatives (FN) and False Positives (FP), that require to be minimized. In the current research, at first, hybrid Genetic and Ant Colony Optimization (GACO) algorithm is introduced for intrusion detection. The Network Socket Layer Knowledge Discovery Dataset (NSL-KDD) is considered as an input. With the help of Best Feature Selection (BFS) algorithm, 41 features of KDD dataset have been reduced to 28 features for intrusion detection depending on feature vitality. Based on the features selected, the intrusions are classified by using hybrid GACO algorithm. In hybrid GACO, the solutions of Ant Colony Optimization (ACO) obtained from every generation are taken as the initial population of GA and the global optimal solution of ACO is included in the initial population of GA. The GACO system using BFS algorithm has problems with optimal feature selection techniques and so the classification precision is reduced. To overcome the above mentioned issue, the second part of the research introduces an optimal feature selection and classification using Gaussian Firefly Algorithm (GFA) and Improved Relevance Vector Machine (IRVM) classifier for IDS. In this, NSL-KDD dataset is preprocessed by using Kalman filtering algorithm, to handle missing values in the given KDD dataset. newline