Performance Study on the Use of Genetic Algorithm for Reducing Feature Dimensionality in an Embedded Intrusion Detection System

IF 2.3 4区 社会学 Q1 SOCIAL SCIENCES, INTERDISCIPLINARY Systems Pub Date : 2024-07-08 DOI:10.3390/systems12070243
João Lobo Silva, Rui Fernandes, Nuno Lopes
{"title":"Performance Study on the Use of Genetic Algorithm for Reducing Feature Dimensionality in an Embedded Intrusion Detection System","authors":"João Lobo Silva, Rui Fernandes, Nuno Lopes","doi":"10.3390/systems12070243","DOIUrl":null,"url":null,"abstract":"Intrusion Detection Systems play a crucial role in a network. They can detect different network attacks and raise warnings on them. Machine Learning-based IDSs are trained on datasets that, due to the context, are inherently large, since they can contain network traffic from different time periods and often include a large number of features. In this paper, we present two contributions: the study of the importance of Feature Selection when using an IDS dataset, while striking a balance between performance and the number of features; and the study of the feasibility of using a low-capacity device, the Nvidia Jetson Nano, to implement an IDS. The results, comparing the GA with other well-known techniques in Feature Selection and Dimensionality Reduction, show that the GA has the best F1-score of 76%, among all feature/dimension sizes. Although the processing time to find the optimal set of features surpasses other methods, we observed that the reduction in the number of features decreases the GA processing time without a significant impact on the F1-score. The Jetson Nano allows the classification of network traffic with an overhead of 10 times in comparison to a traditional server, paving the way to a near real-time GA-based embedded IDS.","PeriodicalId":36394,"journal":{"name":"Systems","volume":"87 1","pages":""},"PeriodicalIF":2.3000,"publicationDate":"2024-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Systems","FirstCategoryId":"90","ListUrlMain":"https://doi.org/10.3390/systems12070243","RegionNum":4,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"SOCIAL SCIENCES, INTERDISCIPLINARY","Score":null,"Total":0}
引用次数: 0

Abstract

Intrusion Detection Systems play a crucial role in a network. They can detect different network attacks and raise warnings on them. Machine Learning-based IDSs are trained on datasets that, due to the context, are inherently large, since they can contain network traffic from different time periods and often include a large number of features. In this paper, we present two contributions: the study of the importance of Feature Selection when using an IDS dataset, while striking a balance between performance and the number of features; and the study of the feasibility of using a low-capacity device, the Nvidia Jetson Nano, to implement an IDS. The results, comparing the GA with other well-known techniques in Feature Selection and Dimensionality Reduction, show that the GA has the best F1-score of 76%, among all feature/dimension sizes. Although the processing time to find the optimal set of features surpasses other methods, we observed that the reduction in the number of features decreases the GA processing time without a significant impact on the F1-score. The Jetson Nano allows the classification of network traffic with an overhead of 10 times in comparison to a traditional server, paving the way to a near real-time GA-based embedded IDS.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
在嵌入式入侵检测系统中使用遗传算法降低特征维度的性能研究
入侵检测系统在网络中发挥着至关重要的作用。它们可以检测到不同的网络攻击并发出警告。基于机器学习的 IDS 是在数据集上进行训练的,由于数据集可能包含不同时间段的网络流量,而且通常包含大量特征,因此数据集的规模本身就很大。在本文中,我们做出了两项贡献:研究了使用 IDS 数据集时特征选择的重要性,同时在性能和特征数量之间取得平衡;研究了使用低容量设备 Nvidia Jetson Nano 实现 IDS 的可行性。结果显示,在所有特征/维度大小中,GA 的 F1 分数最高,达到 76%。虽然找到最佳特征集所需的处理时间超过了其他方法,但我们观察到,特征数量的减少会减少 GA 的处理时间,而不会对 F1 分数产生显著影响。Jetson Nano 可对网络流量进行分类,其开销是传统服务器的 10 倍,为实现基于 GA 的近实时嵌入式 IDS 铺平了道路。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Systems
Systems Decision Sciences-Information Systems and Management
CiteScore
2.80
自引率
15.80%
发文量
204
审稿时长
11 weeks
期刊最新文献
A Study of the Main Mathematical Models Used in Mobility, Storage, Pickup and Delivery in Urban Logistics: A Systematic Review One-Bit In, Two-Bit Out: Network-Based Metrics of Papers Can Be Largely Improved by Including Only the External Citation Counts without the Citation Relations Nash–Cournot Equilibrium and Its Impact on Network Transmission Congestion Integrating System Perspectives to Optimize Ecosystem Service Provision in Urban Ecological Development The Influence of Machine Learning on Enhancing Rational Decision-Making and Trust Levels in e-Government
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1