Feature Subset Selection in Intrusion Detection Using Soft Computing Techniques
vii Intrusions on computer network systems are major security issues these days. Therefore, it is of utmost importance to prevent such intrusions. The prevention of such intrusions is entirely dependent on their detection that is a main part of any security tool such as Intrusion Detection Syste...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Thesis |
| Published: |
2011
|
| Subjects: | |
| Online Access: | http://eprints.utp.edu.my/5710/1/PhD-IT-Thesis-Iftikhar-Ahmad-G00941-session2009-2011.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-utp-ep.5710 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-utp-ep.57102012-12-31T04:18:43Z Feature Subset Selection in Intrusion Detection Using Soft Computing Techniques 2011-02 Iftikhar , Ahmad Azween, Abdullah QA75 Electronic computers. Computer science vii Intrusions on computer network systems are major security issues these days. Therefore, it is of utmost importance to prevent such intrusions. The prevention of such intrusions is entirely dependent on their detection that is a main part of any security tool such as Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Adaptive Security Alliance (ASA), checkpoints and firewalls. Therefore, accurate detection of network attack is imperative. A variety of intrusion detection approaches are available but the main problem is their performance, which can be enhanced by increasing the detection rates and reducing false positives. Such weaknesses of the existing techniques have motivated the research presented in this thesis. One of the weaknesses of the existing intrusion detection approaches is the usage of a raw dataset for classification but the classifier may get confused due to redundancy and hence may not classify correctly. To overcome this issue, Principal Component Analysis (PCA) has been employed to transform raw features into principal features space and select the features based on their sensitivity. The sensitivity is determined by the values of eigenvalues. The recent approaches use PCA to project features space to principal feature space and select features corresponding to the highest eigenvalues, but the features corresponding to the highest eigenvalues may not have the optimal sensitivity for the classifier due to ignoring many sensitive features. Instead of using traditional approach of selecting features with the highest eigenvalues such as PCA, this research applied a Genetic Algorithm (GA) to search the principal feature space that offers a subset of features with optimal sensitivity and the highest discriminatory power. Based on the selected features, the classification is performed. The Support Vector Machine (SVM) and Multilayer Perceptron (MLP) are used for classification purpose due to their proven ability in classification. This research work uses the Knowledge Discovery and Data mining (KDD) cup dataset, which is considered benchmark for evaluating security detection mechanisms. The performance of this approach was analyzed and compared with existing approaches. The results show that proposed method provides an optimal intrusion detection mechanism that outperforms the existing approaches and has the capability to minimize the number of features and maximize the detection rates. 2011-02 Thesis http://eprints.utp.edu.my/5710/ http://eprints.utp.edu.my/5710/1/PhD-IT-Thesis-Iftikhar-Ahmad-G00941-session2009-2011.pdf application/zip phd UNIVERSITI TEKNOLOGI PETRONAS CIS |
| institution |
Universiti Teknologi PETRONAS |
| collection |
UTP Institutional Repository |
| topic |
QA75 Electronic computers Computer science |
| spellingShingle |
QA75 Electronic computers Computer science Iftikhar , Ahmad Azween, Abdullah Feature Subset Selection in Intrusion Detection Using Soft Computing Techniques |
| description |
vii
Intrusions on computer network systems are major security issues these days.
Therefore, it is of utmost importance to prevent such intrusions. The prevention of
such intrusions is entirely dependent on their detection that is a main part of any
security tool such as Intrusion Detection System (IDS), Intrusion Prevention System
(IPS), Adaptive Security Alliance (ASA), checkpoints and firewalls. Therefore,
accurate detection of network attack is imperative. A variety of intrusion detection
approaches are available but the main problem is their performance, which can be
enhanced by increasing the detection rates and reducing false positives. Such
weaknesses of the existing techniques have motivated the research presented in this
thesis.
One of the weaknesses of the existing intrusion detection approaches is the usage
of a raw dataset for classification but the classifier may get confused due to
redundancy and hence may not classify correctly. To overcome this issue, Principal
Component Analysis (PCA) has been employed to transform raw features into
principal features space and select the features based on their sensitivity. The
sensitivity is determined by the values of eigenvalues. The recent approaches use
PCA to project features space to principal feature space and select features
corresponding to the highest eigenvalues, but the features corresponding to the
highest eigenvalues may not have the optimal sensitivity for the classifier due to
ignoring many sensitive features. Instead of using traditional approach of selecting
features with the highest eigenvalues such as PCA, this research applied a Genetic
Algorithm (GA) to search the principal feature space that offers a subset of features
with optimal sensitivity and the highest discriminatory power.
Based on the selected features, the classification is performed. The Support
Vector Machine (SVM) and Multilayer Perceptron (MLP) are used for classification
purpose due to their proven ability in classification. This research work uses the
Knowledge Discovery and Data mining (KDD) cup dataset, which is considered benchmark for evaluating security detection mechanisms. The performance of this
approach was analyzed and compared with existing approaches. The results show that
proposed method provides an optimal intrusion detection mechanism that outperforms
the existing approaches and has the capability to minimize the number of features and
maximize the detection rates. |
| format |
Thesis |
| qualification_level |
Doctorate |
| author |
Iftikhar , Ahmad Azween, Abdullah |
| author_facet |
Iftikhar , Ahmad Azween, Abdullah |
| author_sort |
Iftikhar , Ahmad |
| title |
Feature Subset Selection in Intrusion Detection Using Soft
Computing Techniques |
| title_short |
Feature Subset Selection in Intrusion Detection Using Soft
Computing Techniques |
| title_full |
Feature Subset Selection in Intrusion Detection Using Soft
Computing Techniques |
| title_fullStr |
Feature Subset Selection in Intrusion Detection Using Soft
Computing Techniques |
| title_full_unstemmed |
Feature Subset Selection in Intrusion Detection Using Soft
Computing Techniques |
| title_sort |
feature subset selection in intrusion detection using soft
computing techniques |
| granting_institution |
UNIVERSITI TEKNOLOGI PETRONAS |
| granting_department |
CIS |
| publishDate |
2011 |
| url |
http://eprints.utp.edu.my/5710/1/PhD-IT-Thesis-Iftikhar-Ahmad-G00941-session2009-2011.pdf |
| _version_ |
1747837931936022528 |