Bees algorithm for feature selection in network anomaly detection

Osama Alomari, Zulaiha Ali Othman

Research output: Contribution to journalArticle

21 Citations (Scopus)

Abstract

Intrusion Detection (ID) is the most significant component in Network Security System as it is responsible to detect several types of attacks. Having a high quality intrusion detection system (IDS) is in high demand. The IDS commonly deals with a large amount of data traffic, which involves irrelevant and redundant features. The feature selection is one of the prominent factors that influence the quality of IDS. Thus, in this paper, we have proposed a wrapper-based feature selection approach using Bees algorithm (BA) as a search strategy for subset generation, and using Support Vector Machine (SVM) as the classifier. The experiments used four random subsets collected from KDD-cup 99. Each subset contains around 4000 records. The performance of the proposed approach is evaluated based on standard IDS measurements such as: detection rate, false alarm rate, and classification accuracy comparing with feature selection techniques such as Rough-DPSO, Rough, Linear Genetic Programming (LGP), Multivariate Regression Splines (MARS), and Support Vector Decision Function Ranking (SVDF). The result shows that the feature subset produced by BA-SVM has yielded better quality IDS.

Original languageEnglish
Pages (from-to)1748-1756
Number of pages9
JournalJournal of Applied Sciences Research
Volume8
Issue number3
Publication statusPublished - Mar 2012

Fingerprint

Intrusion detection
Feature extraction
Set theory
Support vector machines
Genetic programming
Network security
Security systems
Splines
Classifiers
Experiments

Keywords

  • Anomaly detection
  • Bees algorithm
  • Feature selection
  • Ids

ASJC Scopus subject areas

  • General

Cite this

Bees algorithm for feature selection in network anomaly detection. / Alomari, Osama; Ali Othman, Zulaiha.

In: Journal of Applied Sciences Research, Vol. 8, No. 3, 03.2012, p. 1748-1756.

Research output: Contribution to journalArticle

@article{73e8d99ed2254f9b85b65584b7cf46ef,
title = "Bees algorithm for feature selection in network anomaly detection",
abstract = "Intrusion Detection (ID) is the most significant component in Network Security System as it is responsible to detect several types of attacks. Having a high quality intrusion detection system (IDS) is in high demand. The IDS commonly deals with a large amount of data traffic, which involves irrelevant and redundant features. The feature selection is one of the prominent factors that influence the quality of IDS. Thus, in this paper, we have proposed a wrapper-based feature selection approach using Bees algorithm (BA) as a search strategy for subset generation, and using Support Vector Machine (SVM) as the classifier. The experiments used four random subsets collected from KDD-cup 99. Each subset contains around 4000 records. The performance of the proposed approach is evaluated based on standard IDS measurements such as: detection rate, false alarm rate, and classification accuracy comparing with feature selection techniques such as Rough-DPSO, Rough, Linear Genetic Programming (LGP), Multivariate Regression Splines (MARS), and Support Vector Decision Function Ranking (SVDF). The result shows that the feature subset produced by BA-SVM has yielded better quality IDS.",
keywords = "Anomaly detection, Bees algorithm, Feature selection, Ids",
author = "Osama Alomari and {Ali Othman}, Zulaiha",
year = "2012",
month = "3",
language = "English",
volume = "8",
pages = "1748--1756",
journal = "Journal of Applied Sciences Research",
issn = "1816-157X",
publisher = "INSInet Publications",
number = "3",

}

TY - JOUR

T1 - Bees algorithm for feature selection in network anomaly detection

AU - Alomari, Osama

AU - Ali Othman, Zulaiha

PY - 2012/3

Y1 - 2012/3

N2 - Intrusion Detection (ID) is the most significant component in Network Security System as it is responsible to detect several types of attacks. Having a high quality intrusion detection system (IDS) is in high demand. The IDS commonly deals with a large amount of data traffic, which involves irrelevant and redundant features. The feature selection is one of the prominent factors that influence the quality of IDS. Thus, in this paper, we have proposed a wrapper-based feature selection approach using Bees algorithm (BA) as a search strategy for subset generation, and using Support Vector Machine (SVM) as the classifier. The experiments used four random subsets collected from KDD-cup 99. Each subset contains around 4000 records. The performance of the proposed approach is evaluated based on standard IDS measurements such as: detection rate, false alarm rate, and classification accuracy comparing with feature selection techniques such as Rough-DPSO, Rough, Linear Genetic Programming (LGP), Multivariate Regression Splines (MARS), and Support Vector Decision Function Ranking (SVDF). The result shows that the feature subset produced by BA-SVM has yielded better quality IDS.

AB - Intrusion Detection (ID) is the most significant component in Network Security System as it is responsible to detect several types of attacks. Having a high quality intrusion detection system (IDS) is in high demand. The IDS commonly deals with a large amount of data traffic, which involves irrelevant and redundant features. The feature selection is one of the prominent factors that influence the quality of IDS. Thus, in this paper, we have proposed a wrapper-based feature selection approach using Bees algorithm (BA) as a search strategy for subset generation, and using Support Vector Machine (SVM) as the classifier. The experiments used four random subsets collected from KDD-cup 99. Each subset contains around 4000 records. The performance of the proposed approach is evaluated based on standard IDS measurements such as: detection rate, false alarm rate, and classification accuracy comparing with feature selection techniques such as Rough-DPSO, Rough, Linear Genetic Programming (LGP), Multivariate Regression Splines (MARS), and Support Vector Decision Function Ranking (SVDF). The result shows that the feature subset produced by BA-SVM has yielded better quality IDS.

KW - Anomaly detection

KW - Bees algorithm

KW - Feature selection

KW - Ids

UR - http://www.scopus.com/inward/record.url?scp=84866000333&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84866000333&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:84866000333

VL - 8

SP - 1748

EP - 1756

JO - Journal of Applied Sciences Research

JF - Journal of Applied Sciences Research

SN - 1816-157X

IS - 3

ER -