Rule Mining Using Particle Swarm Optimization for Intrusion Detection Systems
DOI:
https://doi.org/10.25007/ajnu.v9n2a816Abstract
Traditional data mining techniques are commonly used to build the Intrusion Detection Systems IDSs. They are designed on the basis of some probabilistic methods that still do not take into account some of the important properties of each feature in the dataset. We believe that each feature in the dataset has its own crucial role for its characteristics, which should be taken into consideration. In this work, instead of using the traditional technique or applying feature selection methods we proposed max and min boundary mining approach to solve Anomaly Intrusion Detection System AIDS problem. The main idea of the proposed method is to handle each feature in the dataset independently extracting two important properties represented by max-boundary and min-boundary. First, Particle Swarm Optimization PSO is used to search for the optimal max and min boundary for each feature in each class from the train data set. Second, the generated max and min boundaries are used as detection rules in order to detect anomalies from normal behavior using test dataset. KDD Cup 99 and the new version of KDD Cup 99 called NSL-KDD datasets are used to test the proposed model and its performance is compared with four well-known techniques such as J48, Naïve Bayes, PART and SMO. In addition, performance is also compared with some recent work. Experiment results show that the proposed model is outperformed all other algorithms in all terms (true positive rate, false positive rate, f-measure, Recall, Precision, MCC and AUC).
Downloads
References
2. Ali, G. A., & Jantan, A. (2011). A New Approach Based on Honeybee to Improve Intrusion Detection System Using Neural Network and Bees Algorithm (pp. 777–792). Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22203-0_65
3. Aljawarneh, S., Aldwairi, M., & Yassein, M. B. (2018). Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model. Journal of Computational Science, 25, 152–160. https://doi.org/10.1016/j.jocs.2017.03.006
4. Benmessahel, I., Xie, K., & Chellal, M. (2018). A new evolutionary neural networks based on intrusion detection systems using multiverse optimization. Applied Intelligence, 48(8), 2315–2327. https://doi.org/10.1007/s10489-017-1085-y
5. Chung, Y. Y., & Wahid, N. (2012). A hybrid network intrusion detection system using simplified swarm optimization (SSO). Applied Soft Computing, 12(9), 3014–3022. https://doi.org/10.1016/J.ASOC.2012.04.020
6. Eberhart, R. C., & Shi, Y. (2000). Comparing inertia weights and constriction factors in particle swarm optimization. In Proceedings of the 2000 Congress on Evolutionary Computation. CEC00 (Cat. No.00TH8512) (Vol. 1, pp. 84–88). IEEE. https://doi.org/10.1109/CEC.2000.870279
7. Eberhart, R., & Kennedy, J. (1995). A new optimizer using particle swarm theory. In MHS’95. Proceedings of the Sixth International Symposium on Micro Machine and Human Science (pp. 39–43). IEEE. https://doi.org/10.1109/MHS.1995.494215
8. Eesa, A.S., Orman, Z., & Brifcani, A. M. A. (2015). A new feature selection model based on ID3 and bees algorithm for intrusion detection system. Turkish Journal of Electrical Engineering and Computer Sciences, 23(2). https://doi.org/10.3906/elk-1302-53
9. Eesa, Adel Sabry, Orman, Z., & Brifcani, A. M. A. (2015). A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems. Expert Systems with Applications, 42(5), 2670–2679.
https://doi.org/10.1016/J.ESWA.2014.11.009
10. Gauthama Raman, M. R., Somu, N., Kirthivasan, K., Liscano, R., & Shankar Sriram, V. S. (2017). An efficient intrusion detection system based on hypergraph - Genetic algorithm for parameter optimization and feature selection in support vector machine. Knowledge-Based Systems, 134, 1–12. https://doi.org/10.1016/J.KNOSYS.2017.07.005
11. Guo, H., & Viktor, H. L. (2008). Learning from Skewed Class Multi-relational Databases. Retrieved from https://pdfs.semanticscholar.org/63f4/09c747a7a556701246cb3d69f669d3961690.pdf
12. Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., & Witten, I. H. (2009). The WEKA data mining software: an update. ACM SIGKDD Explorations Newsletter, 11(1), 10. https://doi.org/10.1145/1656274.1656278
13. Hamamoto, A. H., Carvalho, L. F., Sampaio, L. D. H., Abrão, T., & Proença, M. L. (2018). Network Anomaly Detection System using Genetic Algorithm and Fuzzy Logic. Expert Systems with Applications, 92, 390–402. https://doi.org/10.1016/J.ESWA.2017.09.013
14. Hosseini Bamakan, S. M., Wang, H., & Shi, Y. (2017). Ramp loss K-Support Vector Classification-Regression; a robust and sparse multi-class approach to the intrusion detection problem. Knowledge-Based Systems, 126, 113–126.
https://doi.org/10.1016/j.knosys.2017.03.012
15. Jiao, Y., & Du, P. (2016). Performance measures in evaluating machine learning based bioinformatics predictors for classifications. Quantitative Biology. https://doi.org/10.1007/s40484-016-0081-2
16. Kanaka Vardhini, K., & Sitamahalakshmi, T. (2017). Implementation of Intrusion Detection System Using Artificial Bee Colony with Correlation-Based Feature Selection (pp. 107–115). Springer, Singapore. https://doi.org/10.1007/978-981-10-2471-9_11
17. Levin, I. (2000). KDD-99 classifier learning contest LLSoft’s results overview. ACM SIGKDD Explorations Newsletter, 1(2), 67.
https://doi.org/10.1145/846183.846201
18. Mazini, M., Shirazi, B., & Mahdavi, I. (2018). Anomaly network-based intrusion detection system using a reliable hybrid artificial bee colony and AdaBoost algorithms. Journal of King Saud University - Computer and Information Sciences. https://doi.org/10.1016/j.jksuci.2018.03.011
19. NSL-KDD | Datasets | Research | Canadian Institute for Cybersecurity | UNB. (2017). Retrieved January 2, 2019, from https://www.unb.ca/cic/datasets/nsl.html
20. Tavallaee, M., Bagheri, E., Lu, W., & Ghorbani, A. A. (2009). A detailed analysis of the KDD CUP 99 data set. In 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications (pp. 1–6). IEEE. https://doi.org/10.1109/CISDA.2009.5356528
21. UCI Machine Learning Repository. (2015). KDD Cup 1999 Data. Retrieved from http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
22. Varma, P. R. K., Kumari, V. V., & Kumar, S. S. (2016). Feature Selection Using Relative Fuzzy Entropy and Ant Colony Optimization Applied to Real-time Intrusion Detection System. Procedia Computer Science, 85, 503–510.
https://doi.org/10.1016/J.PROCS.2016.05.203
Downloads
Published
How to Cite
Issue
Section
License
Authors retain copyright
The use of a Creative Commons License enables authors/editors to retain copyright to their work. Publications can be reused and redistributed as long as the original author is correctly attributed.
- Copyright
- The researcher(s), whether a single or joint research paper, must sell and transfer to the publisher (the Academic Journal of Nawroz University) through all the duration of the publication which starts from the date of entering this Agreement into force, the exclusive rights of the research paper/article. These rights include the translation, reuse of papers/articles, transmit or distribute, or use the material or parts(s) contained therein to be published in scientific, academic, technical, professional journals or any other periodicals including any other works derived from them, all over the world, in English and Arabic, whether in print or in electronic edition of such journals and periodicals in all types of media or formats now or that may exist in the future. Rights also include giving license (or granting permission) to a third party to use the materials and any other works derived from them and publish them in such journals and periodicals all over the world. Transfer right under this Agreement includes the right to modify such materials to be used with computer systems and software, or to reproduce or publish it in e-formats and also to incorporate them into retrieval systems.
- Reproduction, reference, transmission, distribution or any other use of the content, or any parts of the subjects included in that content in any manner permitted by this Agreement, must be accompanied by mentioning the source which is (the Academic Journal of Nawroz University) and the publisher in addition to the title of the article, the name of the author (or co-authors), journal’s name, volume or issue, publisher's copyright, and publication year.
- The Academic Journal of Nawroz University reserves all rights to publish research papers/articles issued under a “Creative Commons License (CC BY-NC-ND 4.0) which permits unrestricted use, distribution, and reproduction of the paper/article by any means, provided that the original work is correctly cited.
- Reservation of Rights
The researcher(s) preserves all intellectual property rights (except for the one transferred to the publisher under this Agreement).
- Researcher’s guarantee
The researcher(s) hereby guarantees that the content of the paper/article is original. It has been submitted only to the Academic Journal of Nawroz University and has not been previously published by any other party.
In the event that the paper/article is written jointly with other researchers, the researcher guarantees that he/she has informed the other co-authors about the terms of this agreement, as well as obtaining their signature or written permission to sign on their behalf.
The author further guarantees:
- The research paper/article does not contain any defamatory statements or illegal comments.
- The research paper/article does not violate other's rights (including but not limited to copyright, patent, and trademark rights).
This research paper/article does not contain any facts or instructions that could cause damages or harm to others, and publishing it does not lead to disclosure of any confidential information.