Ensemble of Bio-inspired Algorithm with Statistical Measures for Feature Selection to Design a Flow-Based Intrusion Detection System

Abstract

In today's high-speed network, the existing Intrusion Detection System (IDS) approaches experience more false alarm rates with low detection capability. Nowadays, IDS needs to analyze a considerable amount of data. The larger the amount of data results in the longer the time to analyze it, which delays attack detection. The IDS usability is defined as its capability to trigger an alarm early enough to minimize the damage that an ongoing attack can cause and provide a reduced range of warning (false alarm). These underline the necessity of feature selection in IDS to identify the informative features and overlook the irrelevant or redundant features that affect the IDS's detection rate and computational complexity. It implies that anticipating an ideal number of features from a flow-based intrusion dataset can improve IDS accuracy. Therefore, this paper proposes an ensemble of a bio-inspired algorithm (Krill Herd Algorithm) with statistical measures (Information Gain) to select optimal features for a flow-based IDS. This ensemble technique has shown improvement in the detection rate, decreases the false alarm rate, and reduces the computation time of the IDS.