A comparison study of particale swarm optimizzation and differential evolution for feature selection intrussion detection system
Intrusion detection system (IDS) has become an important system to every company due to the increasing attacks even in such a new ways of attacks for that reason improving intrusion detection system is very important. The importance of feature selection lays on removing noisy, irrelevant and redunda...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Published: |
2014
|
| Subjects: | |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Intrusion detection system (IDS) has become an important system to every company due to the increasing attacks even in such a new ways of attacks for that reason improving intrusion detection system is very important. The importance of feature selection lays on removing noisy, irrelevant and redundant data which can cause overload to the system. IDS faces very large amount of data which consists of many different features. Hence feature selection is used in order to select significant features which reduce unnecessary/noisy data. In feature selection two search algorithms; Particle Swarm Optimization (PSO) and Differential Evolution (DE) is s used to select significant features for the respective five categories of network traffics which are; Normal, Probe, Denial-of-Service (DoS), User-to-Root (U2R) and Remote-to-Local (R2L). Selecting significant features increases the performance of the IDS in terms of detection accuracy. This project aims to compare between two optimization heuristic algorithms PSO and DE for feature selection in IDS. In this project Support Vector Machine (SVM) is used in this study as a classifier. The tool used in this project is Waikato Environment for Knowledge Analysis (WEKA) and visual programming environment. Intrusion detection dataset (KDD Cup 1999) is the data used in this work. The experimental results are described in the end of this work, which shows that PSO is the best for detecting Normal, Probe and DoS |
|---|