Novel Network Intrusion Detection Based on Feature Filtering Using FLAME and New Cuckoo Selection in a Genetic Algorithm-Reference-Cited by-同舟云学术

Novel Network Intrusion Detection Based on Feature Filtering Using FLAME and New Cuckoo Selection in a Genetic Algorithm

Published:2023-11-28 Issue:23 Volume:13 Page:12755
ISSN:2076-3417
Container-title:Applied Sciences
language:en
Short-container-title:Applied Sciences

Author:

Alzboon Kawthar¹,Al-Nihoud Jehad¹,Alsharafat Wafa²

Affiliation:

1. Department of Computer Science, Faculty of Prince Al-Hussein bin Abdullah II for Information Technology, Al al-Bayt University, Mafraq 25113, Jordan

2. Department of Information Systems, Faculty of Prince Al-Hussein bin Abdullah II for Information Technology, Al al-Bayt University, Mafraq 25113, Jordan

Abstract

Recently, networks have faced a significant challenge in terms of security due to constant unauthorized access by hackers, resulting in the compromise of network user data. To enhance network security, there are various approaches that can be employed, including the utilization of firewalls, encryption, and antivirus software. Among these methods, one type of system that can be implemented is an intrusion detection system (IDS), which actively monitors the network to identify any intrusions. In order to effectively detect any unauthorized or malicious activities, sophisticated techniques such as genetic algorithms, cuckoo searches, and FLAME are employed. This research proposes a novel IDS that aims to improve the detection of intrusions. The proposed IDS initially conducts feature filtration using fuzzy clustering through the local approximation of the membership algorithm (FLAME), which effectively reduces the number of features that need to be analyzed and processed. Subsequently, the system detects attacks by implementing an extended classifier system (XCS) that incorporates a genetic algorithm (GA) to enhance the accuracy of intrusion detection. By incorporating the cuckoo search and selection within GA, while considering different crossover and mutation probabilities, instead of solely relying on traditional GA, it is anticipated that intrusion detection accuracy will be improved. To evaluate the performance of the proposed IDS, it was tested on the KDD99 dataset and compared with several other IDSs that were also tested on the same dataset. The experimental results clearly indicate that the proposed IDS significantly enhances the detection rate (DR) and accuracy while also significantly reducing the false alarm rate (FAR) and these impressive results were 100%, 99.99% and 0.05% respectively. The performance comparisons reveal that, overall, the proposed IDS outperforms several existing IDSs in terms of intrusion detection performance.

Publisher

MDPI AG

Subject

Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science

Link

https://www.mdpi.com/2076-3417/13/23/12755/pdf

Reference52 articles.

1. Zhao, S. (2007). Intrusion Detection Using the Support Vector Machine Enhanced with a Feature-Weight Kernel. [Ph.D. Thesis, Regina University].

2. Rehman, R.U. (2003). Intrusion Detection Systems with Snort: Advanced IDS Techniques Using Snort, Apache, MySQL, PHP, and ACID. Apache, MySQL, PHP, and ACID, Prentice Hall PTR. Available online: www.phptr.com.

3. Anomaly based intrusion detection—A review;Raut;Int. J. Netw. Secur.,2014

4. Anderson, J.P. (1980). Computer Security Threat Monitoring and Surveillance. James P. Anderson Co., Fort Washington, Pa.

5. Yu, Y., and Wu, H. (2012, January 14–17). Anomaly intrusion detection based upon data mining techniques and fuzzy logic. Proceedings of the 2012 IEEE International Conference on Systems, Man, and Cybernetics (SMC), Seoul, Republic Korea.