Rule Mining Using Particle Swarm Optimization for Intrusion Detection Systems
DOI:
https://doi.org/10.25007/ajnu.v9n2a816
Abstract
Traditional data mining techniques are commonly used to build Intrusion Detection Systems (IDSs). They are designed on the basis of probabilistic methods that still do not take into account some of the important properties of each feature in the dataset. We believe that each feature in the dataset plays its own crucial role because of its characteristics, and that this should be taken into consideration. In this work, instead of using the traditional techniques or applying feature selection methods, we propose a max and min boundary mining approach to solve the Anomaly Intrusion Detection System (AIDS) problem. The main idea of the proposed method is to handle each feature in the dataset independently, extracting two important properties: the max-boundary and the min-boundary. First, Particle Swarm Optimization (PSO) is used to search for the optimal max and min boundary for each feature in each class from the training dataset. Second, the generated max and min boundaries are used as detection rules to distinguish anomalies from normal behavior on the test dataset. KDD Cup 99 and its newer version, NSL-KDD, are used to test the proposed model, and its performance is compared with four well-known techniques: J48, Naïve Bayes, PART and SMO. In addition, its performance is compared with some recent work. Experimental results show that the proposed model outperforms all the other algorithms on every measure (true positive rate, false positive rate, F-measure, recall, precision, MCC and AUC).
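The two steps described in the abstract, as an added sketch that is not the authors' code: PSO searches a (min, max) pair per feature, and the pairs are then applied as detection rules. The fitness function, the PSO parameters, the restriction to a single "normal" class and the sample records are all assumptions made for illustration; the page does not specify them.

```python
import random

def fitness(lo, hi, inside, outside):
    # Assumed fitness (not given on the page): reward covering the class's own
    # values, penalise covering values that belong to the other class.
    cover = sum(lo <= v <= hi for v in inside) / len(inside)
    leak = sum(lo <= v <= hi for v in outside) / len(outside)
    return cover - leak

def pso_bounds(inside, outside, rng, particles=30, iters=60, w=0.7, c1=1.5, c2=1.5):
    """Search one feature's (min, max) boundary; values are assumed scaled to [0, 1]."""
    def score(p):
        return fitness(min(p), max(p), inside, outside)
    pos = [[rng.random(), rng.random()] for _ in range(particles)]
    vel = [[0.0, 0.0] for _ in range(particles)]
    pbest = [p[:] for p in pos]
    gbest = max(pbest, key=score)[:]
    for _ in range(iters):
        for i, p in enumerate(pos):
            for d in range(2):
                vel[i][d] = (w * vel[i][d]
                             + c1 * rng.random() * (pbest[i][d] - p[d])
                             + c2 * rng.random() * (gbest[d] - p[d]))
                p[d] = min(1.0, max(0.0, p[d] + vel[i][d]))  # stay in [0, 1]
            if score(p) > score(pbest[i]):
                pbest[i] = p[:]
                if score(p) > score(gbest):
                    gbest = p[:]
    return min(gbest), max(gbest)

def mine_rules(normal, attack, seed=7):
    # One boundary pair per feature, each feature handled independently.
    rng = random.Random(seed)
    return [pso_bounds([r[f] for r in normal], [r[f] for r in attack], rng)
            for f in range(len(normal[0]))]

def classify(record, rules):
    # A record is normal only if every feature lies inside its mined boundary.
    ok = all(lo <= v <= hi for v, (lo, hi) in zip(record, rules))
    return "normal" if ok else "anomaly"

# Constructed training records: two features already scaled to [0, 1].
NORMAL = [(0.40, 0.50), (0.42, 0.55), (0.45, 0.60), (0.50, 0.52), (0.47, 0.58)]
ATTACK = [(0.90, 0.05), (0.95, 0.00), (1.00, 0.10), (0.92, 0.08)]
RULES = mine_rules(NORMAL, ATTACK)

if __name__ == "__main__":
    for rec in [(0.45, 0.55), (0.95, 0.55), (0.45, 0.05)]:
        print(rec, classify(rec, RULES))
```

A record that violates a single feature boundary is flagged, so boundaries mined from unrepresentative training traffic translate directly into false positives on the test set.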