R. A. Shah, A. A. Wagan, M. Ali, K. Hussain, R. Bibi
{"title":"An Efficient Technique for Network Intrusion Detection Using Feature selection","authors":"R. A. Shah, A. A. Wagan, M. Ali, K. Hussain, R. Bibi","doi":"10.26692/surj/2019.09.77","DOIUrl":null,"url":null,"abstract":"Network Intrusion Detection System (NIDS) is one of the most significant parts of network security that can make secure transactions over a network. Despite many efforts in the field, we can observe increased sophistication and variety of attacks on networks. In such situation Machine learning (ML) based methods have emerged some of the most effective as well as popular methods to detect the attacks. One of the complexities involved in the ML-based method is that they are mostly of the black-box nature, so their inner working phenomena are very often quite complex to understand and interpret. Moreover, high-dimensional features and an inadequate number of training records have caused some problems in the classifications, such as over fitting of the results, noise sensitiveness, overload computation and lack of significant physical interoperability. In this paper, we propose a discriminative features selection and network intrusion classification by applying sparse modeling with Lasso and SVMs with two kernel functions. SVMs are standard ML techniques which can provide reasonable performance however it can have some shortcomings such as interpretability and huge computational cost. On the other hand, sparse modeling has been considered as an advanced technique for data analysis and processing via regularization. Sparse modeling can be used to simultaneously select discriminative features from the repository of the dataset. Moreover, it also determines the coefficient of the linear classifier where prior information about features structure can be mapped into various sparsity-inducing regularization such as Lasso. Furthermore, we apply sparse modeling for the multiclass-classification purpose; in this way, we can identify and select the features yielded by the network attacks that are the most significant ones. Our experimental in this correspondence suggest that the proposed techniques have better performance than most of the state-of-the-art methods.","PeriodicalId":21635,"journal":{"name":"SINDH UNIVERSITY RESEARCH JOURNAL -SCIENCE SERIES","volume":"183 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2019-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"SINDH UNIVERSITY RESEARCH JOURNAL -SCIENCE SERIES","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.26692/surj/2019.09.77","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Network Intrusion Detection System (NIDS) is one of the most significant parts of network security that can make secure transactions over a network. Despite many efforts in the field, we can observe increased sophistication and variety of attacks on networks. In such situation Machine learning (ML) based methods have emerged some of the most effective as well as popular methods to detect the attacks. One of the complexities involved in the ML-based method is that they are mostly of the black-box nature, so their inner working phenomena are very often quite complex to understand and interpret. Moreover, high-dimensional features and an inadequate number of training records have caused some problems in the classifications, such as over fitting of the results, noise sensitiveness, overload computation and lack of significant physical interoperability. In this paper, we propose a discriminative features selection and network intrusion classification by applying sparse modeling with Lasso and SVMs with two kernel functions. SVMs are standard ML techniques which can provide reasonable performance however it can have some shortcomings such as interpretability and huge computational cost. On the other hand, sparse modeling has been considered as an advanced technique for data analysis and processing via regularization. Sparse modeling can be used to simultaneously select discriminative features from the repository of the dataset. Moreover, it also determines the coefficient of the linear classifier where prior information about features structure can be mapped into various sparsity-inducing regularization such as Lasso. Furthermore, we apply sparse modeling for the multiclass-classification purpose; in this way, we can identify and select the features yielded by the network attacks that are the most significant ones. Our experimental in this correspondence suggest that the proposed techniques have better performance than most of the state-of-the-art methods.