A Novel Wrapper and Filter-based Feature Dimensionality Reduction Methods for Anomaly Intrusion Detection in Wireless Sensor Networks

Abstract

Abstract Wireless Sensor Networks (WSNs) are the most important technology currently available. WSNs are widely utilized in applications such as business, military, healthcare, smart cities, smart grids, and smart homes. All WSNs implementations demand that sensor nodes and the base station communicate securely. The adversary compromises sensor nodes to deploy diverse attacks into the WSNs. Therefore, an appropriate Intrusion Detection System (IDS) is required to guard against security attacks in WSNs. IDS are crucial for preventing and detecting security breaches. WSNs should have an IDS to assure the reliability, availability, and security of the service. Network intrusion detection is the practice of detecting malicious activity within a network by examining its traffic flow. However, feature dimensionality reduction is critical in IDS, as finding anomalies in high-dimensional network traffic is a lengthy procedure. The selection of features affects the speed of the analysis. In this paper, we proposed an anomaly IDS to detect eight different forms of attacks in WSNs using a wrapper and filter-based feature dimensionality reduction methodologies. The suggested work employed a wrapper-based method with the firefly algorithm (FFA) embedded in the wrapper for feature selection (FS), as well as a filter method with Principal component analysis (PCA) for feature dimensionality reduction. The classifiers random forest (RF) and naïve Bayes (NB) were used to classify the obtained features from both wrapper-based FFA and filter-based PCA. The empirical analysis was carried out on the high-dimensional UNSW-NB15 data. The findings revealed that the wrapper-based FFA-RF achieved an accuracy of 99.98%, f1 score of 100%, precision of 100%, AUC of 100%, and recall of 100%. While, the FFA-NB yielded an accuracy of 99.74%, an F1 score of 99.65%, a precision of 99.38%, an AUC of 99.92%, and a recall of 99.93%. On the other hand, the filter-based PCA-RF achieves an accuracy of 99.99%, an f1-score of 99.97%, a precision of 99.98%, an AUC of 100%, and a recall of 99.97%. While, the PCA-NB gave an accuracy of 97.16%, precision of 97.12%, F1 score of 98.85%, AUC of 99.75%, and recall of 99.50%. This showed that the wrapper-based FFA feature dimensionality reduction methods outperformed the filter-based PCA feature dimensionality approaches in detecting generic, exploits, DoS, fuzzers, backdoors, reconnaissance, and worms’ attacks in WSNs layers. However, in terms of time-critical applications, the filter-based methods required low training time to build the models when compared with the wrapper-based approaches.