
CRF Based Intrusion Detection System using Genetic Search Feature Selection for NSSA

  • Azhagiri M (Computer Science and Engineering, SRM Institute of Science and Technology)
  • Rajesh A (Computer Science and Engineering, C.Abdul Hakeem College of Engineering and Technology)
  • Rajesh P (Computer Science and Engineering, Vel Tech Rangarajan Dr. Sagunthala R&D Institute of Science and Technology)
  • Gowtham Sethupathi M (Computer Science and Engineering, SRM Institute of Science and Technology)
  • Submitted: 2023.07.05
  • Published: 2023.07.30

Abstract

Network security situational awareness systems help in better managing the security concerns of a network by monitoring for anomalies in the network connections and recommending remedial actions upon detecting an attack. An Intrusion Detection System helps in identifying the security concerns of a network by monitoring for anomalies in the network connections. We have proposed a CRF-based IDS using a genetic search feature selection algorithm for network security situational awareness to detect anomalies in the network. Conditional random fields, being discriminative models, are capable of directly modeling the conditional probabilities rather than the joint probabilities, thereby achieving better classification accuracy. The genetic search feature selection algorithm is capable of identifying the optimal subset among the features based on the best population of features associated with the target class. The proposed system, when trained and tested on the benchmark NSL-KDD dataset, exhibited higher accuracy in identifying an attack and also in classifying the attack category.
