Feature Subset Selection in Intrusion Detection Using Soft Computing Techniques
Format: Thesis
Published: 2011
Online Access: http://eprints.utp.edu.my/5710/1/PhD-IT-Thesis-Iftikhar-Ahmad-G00941-session2009-2011.pdf http://eprints.utp.edu.my/5710/
Summary:
Intrusions on computer network systems are major security issues these days.
Therefore, it is of utmost importance to prevent such intrusions. The prevention of
such intrusions is entirely dependent on their detection, which is a main part of any
security tool such as Intrusion Detection System (IDS), Intrusion Prevention System
(IPS), Adaptive Security Alliance (ASA), checkpoints and firewalls. Therefore,
accurate detection of network attacks is imperative. A variety of intrusion detection
approaches are available, but the main problem is their performance, which can be
enhanced by increasing the detection rates and reducing false positives. Such
weaknesses of the existing techniques have motivated the research presented in this
thesis.

One of the weaknesses of the existing intrusion detection approaches is the usage
of a raw dataset for classification: the classifier may get confused due to
redundancy and hence may not classify correctly. To overcome this issue, Principal
Component Analysis (PCA) has been employed to transform raw features into
the principal feature space and select the features based on their sensitivity. The
sensitivity is determined by the values of the eigenvalues. The recent approaches use
PCA to project the feature space to the principal feature space and select features
corresponding to the highest eigenvalues, but the features corresponding to the
highest eigenvalues may not have the optimal sensitivity for the classifier because
many sensitive features are ignored. Instead of using the traditional approach, such as
PCA, of selecting features with the highest eigenvalues, this research applied a Genetic
Algorithm (GA) to search the principal feature space for a subset of features
with optimal sensitivity and the highest discriminatory power.

Based on the selected features, the classification is performed. The Support
Vector Machine (SVM) and Multilayer Perceptron (MLP) are used for classification
due to their proven ability in classification. This research work uses the
Knowledge Discovery and Data mining (KDD) cup dataset, which is considered a
benchmark for evaluating security detection mechanisms. The performance of this
approach was analyzed and compared with existing approaches. The results show that
the proposed method provides an optimal intrusion detection mechanism that outperforms
the existing approaches and has the capability to minimize the number of features and
maximize the detection rates.