In today's high-speed networks, existing Intrusion Detection System (IDS) approaches suffer from high false alarm rates and low detection capability. An IDS now has to analyze a considerable amount of data, and the larger the amount of data, the longer the analysis takes, which delays attack detection. The usability of an IDS is defined as its capability to trigger an alarm early enough to minimize the damage that an ongoing attack can cause while producing a reduced number of false alarms. This underlines the necessity of feature selection in IDS: identifying the informative features and disregarding the irrelevant or redundant features that affect the IDS's detection rate and computational complexity. It implies that identifying an ideal number of features from a flow-based intrusion dataset can improve IDS accuracy. Therefore, this paper proposes an ensemble of a bio-inspired algorithm (the Krill Herd Algorithm) with a statistical measure (Information Gain) to select optimal features for a flow-based IDS. This ensemble technique has shown an improvement in the detection rate, a decrease in the false alarm rate, and a reduction in the computation time of the IDS.
This work is licensed under a Creative Commons Attribution 4.0 International License.