Improving intrusion detection system detection accuracy and reducing learning time by combining selected features selection and parameters optimization

Bisyron Wahyudi Masduki; Kalamullah Ramli

doi:10.1109/ICCSCE.2016.7893606

Improving intrusion detection system detection accuracy and reducing learning time by combining selected features selection and parameters optimization

Bisyron Wahyudi Masduki, Kalamullah Ramli

Department of Electrical Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

6 Citations (Scopus)

Abstract

IDS capability in detecting an attacks is highly dependent on the accuracy of attack detection which usually is represented by the least number of false alarms. In this work we simplify the large network dataset by selecting only the most important and influential features in the dataset to increase the IDS performance and accuracy. The creation of smaller dataset is aimed to decrease time for training the SVM machine learning in detecting attacks. This work designed and built a prototype of IDS equipped with machine learning models to improve accuracy in detecting DoS and R2L attacks. Machine-learning algorithms is added to recognize specific characteristics of the attack at the national Internet network. New methods and techniques developed by combining feature selection and parameter optimization algorithm are then implemented in the Internet monitoring system. Through experiment and analysis, we find out that for DOS attacks the proposed approach improved accuracy for the detection and increased in speed on training and testing phase. Even though limited and appropriate selection of parameters slightly decrease the accuracy in the detection of R2L attacks but our approach significantly increases the speed of the training and testing process.

Original language	English
Title of host publication	Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	397-402
Number of pages	6
ISBN (Electronic)	9781509011780
DOIs	https://doi.org/10.1109/ICCSCE.2016.7893606
Publication status	Published - 5 Apr 2017
Event	6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016 - Batu Ferringhi, Penang, Malaysia Duration: 25 Nov 2016 → 27 Nov 2016

Publication series

Name	Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016

Conference

Conference	6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016
Country/Territory	Malaysia
City	Batu Ferringhi, Penang
Period	25/11/16 → 27/11/16

Keywords

attack
intrusion detection system
machine-learning
support vector machine
threat

Access to Document

10.1109/ICCSCE.2016.7893606

Cite this

Masduki, B. W., & Ramli, K. (2017). Improving intrusion detection system detection accuracy and reducing learning time by combining selected features selection and parameters optimization. In Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016 (pp. 397-402). [7893606] (Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICCSCE.2016.7893606

Masduki, Bisyron Wahyudi ; Ramli, Kalamullah. / Improving intrusion detection system detection accuracy and reducing learning time by combining selected features selection and parameters optimization. Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 397-402 (Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016).

@inproceedings{bbc5888779cc49b08d0e0c663f4ae8d0,

title = "Improving intrusion detection system detection accuracy and reducing learning time by combining selected features selection and parameters optimization",

abstract = "IDS capability in detecting an attacks is highly dependent on the accuracy of attack detection which usually is represented by the least number of false alarms. In this work we simplify the large network dataset by selecting only the most important and influential features in the dataset to increase the IDS performance and accuracy. The creation of smaller dataset is aimed to decrease time for training the SVM machine learning in detecting attacks. This work designed and built a prototype of IDS equipped with machine learning models to improve accuracy in detecting DoS and R2L attacks. Machine-learning algorithms is added to recognize specific characteristics of the attack at the national Internet network. New methods and techniques developed by combining feature selection and parameter optimization algorithm are then implemented in the Internet monitoring system. Through experiment and analysis, we find out that for DOS attacks the proposed approach improved accuracy for the detection and increased in speed on training and testing phase. Even though limited and appropriate selection of parameters slightly decrease the accuracy in the detection of R2L attacks but our approach significantly increases the speed of the training and testing process.",

keywords = "attack, intrusion detection system, machine-learning, support vector machine, threat",

author = "Masduki, {Bisyron Wahyudi} and Kalamullah Ramli",

note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016 ; Conference date: 25-11-2016 Through 27-11-2016",

year = "2017",

month = apr,

day = "5",

doi = "10.1109/ICCSCE.2016.7893606",

language = "English",

series = "Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "397--402",

booktitle = "Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016",

address = "United States",

}

Masduki, BW & Ramli, K 2017, Improving intrusion detection system detection accuracy and reducing learning time by combining selected features selection and parameters optimization. in Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016., 7893606, Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016, Institute of Electrical and Electronics Engineers Inc., pp. 397-402, 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016, Batu Ferringhi, Penang, Malaysia, 25/11/16. https://doi.org/10.1109/ICCSCE.2016.7893606

Improving intrusion detection system detection accuracy and reducing learning time by combining selected features selection and parameters optimization. / Masduki, Bisyron Wahyudi; Ramli, Kalamullah.

Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016. Institute of Electrical and Electronics Engineers Inc., 2017. p. 397-402 7893606 (Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Improving intrusion detection system detection accuracy and reducing learning time by combining selected features selection and parameters optimization

AU - Masduki, Bisyron Wahyudi

AU - Ramli, Kalamullah

PY - 2017/4/5

Y1 - 2017/4/5

N2 - IDS capability in detecting an attacks is highly dependent on the accuracy of attack detection which usually is represented by the least number of false alarms. In this work we simplify the large network dataset by selecting only the most important and influential features in the dataset to increase the IDS performance and accuracy. The creation of smaller dataset is aimed to decrease time for training the SVM machine learning in detecting attacks. This work designed and built a prototype of IDS equipped with machine learning models to improve accuracy in detecting DoS and R2L attacks. Machine-learning algorithms is added to recognize specific characteristics of the attack at the national Internet network. New methods and techniques developed by combining feature selection and parameter optimization algorithm are then implemented in the Internet monitoring system. Through experiment and analysis, we find out that for DOS attacks the proposed approach improved accuracy for the detection and increased in speed on training and testing phase. Even though limited and appropriate selection of parameters slightly decrease the accuracy in the detection of R2L attacks but our approach significantly increases the speed of the training and testing process.

AB - IDS capability in detecting an attacks is highly dependent on the accuracy of attack detection which usually is represented by the least number of false alarms. In this work we simplify the large network dataset by selecting only the most important and influential features in the dataset to increase the IDS performance and accuracy. The creation of smaller dataset is aimed to decrease time for training the SVM machine learning in detecting attacks. This work designed and built a prototype of IDS equipped with machine learning models to improve accuracy in detecting DoS and R2L attacks. Machine-learning algorithms is added to recognize specific characteristics of the attack at the national Internet network. New methods and techniques developed by combining feature selection and parameter optimization algorithm are then implemented in the Internet monitoring system. Through experiment and analysis, we find out that for DOS attacks the proposed approach improved accuracy for the detection and increased in speed on training and testing phase. Even though limited and appropriate selection of parameters slightly decrease the accuracy in the detection of R2L attacks but our approach significantly increases the speed of the training and testing process.

KW - attack

KW - intrusion detection system

KW - machine-learning

KW - support vector machine

KW - threat

UR - http://www.scopus.com/inward/record.url?scp=85018967994&partnerID=8YFLogxK

U2 - 10.1109/ICCSCE.2016.7893606

DO - 10.1109/ICCSCE.2016.7893606

M3 - Conference contribution

AN - SCOPUS:85018967994

T3 - Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016

SP - 397

EP - 402

BT - Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016

Y2 - 25 November 2016 through 27 November 2016

ER -

Masduki BW, Ramli K. Improving intrusion detection system detection accuracy and reducing learning time by combining selected features selection and parameters optimization. In Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016. Institute of Electrical and Electronics Engineers Inc. 2017. p. 397-402. 7893606. (Proceedings - 6th IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2016). doi: 10.1109/ICCSCE.2016.7893606

Improving intrusion detection system detection accuracy and reducing learning time by combining selected features selection and parameters optimization

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this