A New Intrusion Detection Strategy Based on Combined Feature Selection Methodology and Machine Learning Technique.

Document Type : Research Studies

Author

Assistant Professor of Communications & Electronics Engineering Department, Delta Higher Institute for Engineering & Technology, Mansoura, Egypt

Abstract

Intrusion detection system is a significant security mechanism that monitors network traffic to assist prevents unwanted access to network resources. Effective intrusion detection is an important issue for defending networks against potential intrusions. In this paper, a new intrusion detection strategy is proposed. The recommended intrusion detection strategy is divided into three steps: (i) Preparing step, (ii) Feature selection step, and (iii) Classification step. Preparing step gathers and analyzes network traffic in readiness for training and testing. Feature selection step aims to choose the significant features for detecting intrusion attacks form preparing step. It comprises of two successive feature selection modules, which are; quick selection module and precise selection module.  Precise selection module deploys genetic algorithm as a wrapper method, whereas quick selection module relies on filter. Based on the most effective features identified by feature selection step, the classification step seeks to detect intrusion attacks with the least amount of time penalty. It contains two phases: prioritized naive bayes phase and distance encouragement phase, which avoids the problems of naive bayes classifiers. The presented intrusion detection strategy beats other previous approaches using the NSL-KDD dataset, according to the experimental tests.  Intrusion detection strategy provides the highest accuracy, precision, recall and F1-measure with values equal to 97.6%, 98.24%, 98.14%, and 98.11% respectively with minimum time penalty.

Keywords

Main Subjects