Feature Subset Selection in Intrusion Detection Using Soft Computing Techniques

Iftikhar, Ahmad and Azween, Abdullah (2011) Feature Subset Selection in Intrusion Detection Using Soft Computing Techniques. PhD thesis, UNIVERSITI TEKNOLOGI PETRONAS.

Abstract

Intrusions on computer network systems are major security issues these days. Therefore, it is of utmost importance to prevent such intrusions. The prevention of such intrusions is entirely dependent on their detection, which is a main part of any security tool such as an Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Adaptive Security Alliance (ASA), checkpoints and firewalls. Therefore, accurate detection of network attacks is imperative. A variety of intrusion detection approaches are available, but the main problem is their performance, which can be enhanced by increasing the detection rates and reducing false positives. Such weaknesses of the existing techniques have motivated the research presented in this thesis. One of the weaknesses of the existing intrusion detection approaches is the use of a raw dataset for classification: the classifier may get confused by redundancy in the data and hence may not classify correctly. To overcome this issue, Principal Component Analysis (PCA) has been employed to transform raw features into the principal feature space and select features based on their sensitivity. The sensitivity is determined by the eigenvalues. Recent approaches use PCA to project the feature space onto the principal feature space and select the features corresponding to the highest eigenvalues, but these features may not have the optimal sensitivity for the classifier, because many sensitive features are ignored. Instead of the traditional approach of selecting the features with the highest eigenvalues, as in PCA, this research applied a Genetic Algorithm (GA) to search the principal feature space for a subset of features with optimal sensitivity and the highest discriminatory power. Classification is then performed on the selected features. The Support Vector Machine (SVM) and Multilayer Perceptron (MLP) are used for classification because of their proven ability in classification.
This research work uses the Knowledge Discovery and Data Mining (KDD) Cup dataset, which is considered a benchmark for evaluating security detection mechanisms. The performance of this approach was analyzed and compared with existing approaches. The results show that the proposed method provides an optimal intrusion detection mechanism that outperforms the existing approaches and has the capability to minimize the number of features and maximize the detection rates.

Item Type: Thesis (PhD)
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments / MOR / COE: Departments > Computer Information Sciences
ID Code: 5710
Deposited By: Assoc Prof Dr Azween Abdullah
Deposited On: 12 Jun 2011 04:52
Last Modified: 31 Dec 2012 04:18
