An Advanced Fitness Function Optimization Algorithm for Anomaly Intrusion Detection Using Feature Selection-Reference-Cited by-同舟云学术

An Advanced Fitness Function Optimization Algorithm for Anomaly Intrusion Detection Using Feature Selection

Published:2023-04-14 Issue:8 Volume:13 Page:4958
ISSN:2076-3417
Container-title:Applied Sciences
language:en
Short-container-title:Applied Sciences

Author:

Hong Sung-Sam¹^ORCID,Lee Eun-joo¹,Kim Hwayoung²^ORCID

Affiliation:

1. Department of Multimedia Contents, Jangan University, Hwaseong 18331, Republic of Korea

2. Division of Maritime Transportation, Mokpo Maritime University, Mokpo 58628, Republic of Korea

Abstract

Cyber-security systems collect information from multiple security sensors to detect network intrusions and their models. As attacks become more complex and security systems diversify, the data used by intrusion-detection systems becomes more dimensional and large-scale. Intrusion detection based on intelligent anomaly detection detects attacks based on machine-learning classification models, soft computing, and rule sets. Feature-selection methods are used for efficient intrusion detection and solving high-dimensional problems. Optimized feature selection can maximize the detection model performance; thus, a fitness function design is required. We proposed an optimization algorithm-based feature-selection algorithm to improve anomaly-detection performance. We used a genetic algorithm and proposed an advanced fitness function that finds the most relevant feature set, increasing the detection rate, reducing the error rate, and enhancing analysis speed. An improved fitness function for the selection of optimized features is proposed; this function can address overfitting by solving the problem of anomaly-detection performance from imbalanced security datasets. The proposed algorithm outperformed other feature-selection algorithms. It outperformed the PCA and wrapper-DR methods, with 0.99564 at 10%, 0.996455 at 15%, and 0.996679 at 20%. It performed higher than wrapper-DR by 0.95% and PCA by 3.76%, showing higher differences in performance than in detection rates.

Funder

This research was supported by Basic Science Research Program through the National Research Foundation of Korea(NRF) funded by the Ministry of Education

Publisher

MDPI AG

Subject

Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science

Link

https://www.mdpi.com/2076-3417/13/8/4958/pdf

Reference53 articles.

1. Qin, X., and Lee, W. (2004, January 6–10). Attack plan recognition and prediction using causal networks. Proceedings of the 20th Annual Computer Security Applications Conference, Tucson, AZ, USA.

2. Salem, M.B., Hershkop, S., and Stolfo, S.J. (2008). A Survey of Insider Attack Detection Research, Insider Attack and Cyber Security: Beyond the Hacker, Springer.

3. Kou, Y., Lu, C.T., Sirwongwattana, S., and Huang, Y.P. (2004, January 21–23). Survey of Fraud Detection Techniques. Proceedings of the IEEE International Conference on Networking, Sensing and Control, Teipei, Tiwan.

4. Analysis of network traffic features for anomaly detection;Iglesias;Mach. Learn.,2015

5. Principal component analysis: A review and recent developments;Jolliffe;Philos. Trans. R. Soc. A Math. Phys. Eng. Sci.,2016

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. DLA-ABIDS:Deep Learning Approach for Anomaly Based Intrusion Detection System;2023 20th ACS/IEEE International Conference on Computer Systems and Applications (AICCSA);2023-12-04

2. Enhancing Network Security Algorithm Using Machine Learning;2023 10th IEEE Uttar Pradesh Section International Conference on Electrical, Electronics and Computer Engineering (UPCON);2023-12-01