Building lightweight intrusion detection system using wrapper-based feature selection mechanisms

Li, Yang; Wang, Junli; Tian, Zhihong; Lu, Tianbo; Young, Chen W.

doi:10.1016/j.cose.2009.01.001

Cited by 93 publications

(42 citation statements)

References 14 publications

(15 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In Figure 6a-c, the features wrong_format (8) and same_serv_rate (29) are the most contributing features to detect the DOS attack. Moreover, Tcp fragmentation (teardrop attack) also belongs to the DOS attack as it prevents reassembly protocols from fixing together fragmented user define protocol (UDP) traffic packets that may be sent across the network to the assigned destination by rebooting the targeted host.…”

Section: Resultsmentioning

confidence: 99%

Network Intrusion Detection through Discriminative Feature Selection by Using Sparse Logistic Regression

et al. 2017

View full text Add to dashboard Cite

Intrusion detection system (IDS) is a well-known and effective component of network security that provides transactions upon the network systems with security and safety. Most of earlier research has addressed difficulties such as overfitting, feature redundancy, high-dimensional features and a limited number of training samples but feature selection. We approach the problem of feature selection via sparse logistic regression (SPLR). In this paper, we propose a discriminative feature selection and intrusion classification based on SPLR for IDS. The SPLR is a recently developed technique for data analysis and processing via sparse regularized optimization that selects a small subset from the original feature variables to model the data for the purpose of classification. A linear SPLR model aims to select the discriminative features from the repository of datasets and learns the coefficients of the linear classifier. Compared with the feature selection approaches, like filter (ranking) and wrapper methods that separate the feature selection and classification problems, SPLR can combine feature selection and classification into a unified framework. The experiments in this correspondence demonstrate that the proposed method has better performance than most of the well-known techniques used for intrusion detection.

show abstract

Section: Resultsmentioning

confidence: 99%

Network Intrusion Detection through Discriminative Feature Selection by Using Sparse Logistic Regression

et al. 2017

View full text Add to dashboard Cite

show abstract

“…These datasets were used in many of IDS works such as in Liu et al (2007), Shafi and Abbas (2009) and Li et al, (2009). Tsai et al (2009) reported there have been 30 major IDS studies used KDDCup 1999 datasets in their research.…”

Section: Methodsmentioning

confidence: 99%

Design of Adaptive IDS with Regulated Retraining Approach

Zainal

Maarof

Shamsuddin

et al. 2012

Communications in Computer and Information Science

View full text Add to dashboard Cite

Abstract.Computer networks are becoming more insecure and vulnerable to intrusions and attacks as they are increasingly accessible to users globally. To minimize possibility of intrusions and attacks, various intrusion detection models have been proposed. However, the existing procedures suffer high false alarm, not adequately adaptive, low accuracy and rigid. The detection performance deteriorates when behavior of traffic is changing and new attacks continually emerge. Therefore, the need to update the reference model for any given anomaly-based intrusion detection is necessary to keep up with these changes. Severe changes should be addressed immediately before the performance is compromised. Available updating approaches include dynamic, periodic and regulated. Unfortunately, none considers severity of changes to trigger the updating. This paper proposed an adaptive IDS model using regulated retraining approach based on severity of changes in network traffic. Therefore, retraining can be done as and when necessary. Changes are denoted by ambiguous decisions and assumed to reflect insufficient knowledge of classifiers to make decision. Results show that the proposed approach is able to improve detection accuracy and reduce false alarm.

show abstract

“…The references of articles written for Ensemble classifiers are as follows. [18,20,92,97,151,152,153,154,155,156,157,158,159,160,161] Year-wise work done for single, hybrid and ensemble classifiers from 2000 to 2012 is shown in figure 1. …”

Section: Machine Learning Techniquesmentioning

confidence: 99%

Analysis of Machine Learning Techniques for Intrusion Detection System: A Review

Shah¹,

Hayat²,

Awan³

2015

IJCA

View full text Add to dashboard Cite

Security is a key issue to both computer and computer networks. Intrusion detection System (IDS) is one of the major research problems in network security. IDSs are developed to detect both known and unknown attacks. There are many techniques used in IDS for protecting computers and networks from network based and host based attacks. Various Machine learning techniques are used in IDS. This study analyzes machine learning techniques in IDS. It also reviews many related studies done in the period from 2000 to 2012 and it focuses on machine learning techniques. Related studies include single, hybrid, ensemble classifiers, baseline and datasets used.

show abstract

Building lightweight intrusion detection system using wrapper-based feature selection mechanisms

Cited by 93 publications

References 14 publications

Network Intrusion Detection through Discriminative Feature Selection by Using Sparse Logistic Regression

Network Intrusion Detection through Discriminative Feature Selection by Using Sparse Logistic Regression

Design of Adaptive IDS with Regulated Retraining Approach

Analysis of Machine Learning Techniques for Intrusion Detection System: A Review

Contact Info

Product

Resources

About