Intelligent Hybrid Anomaly Network Intrusion Detection System

  • Conference paper
Communication and Networking (FGCN 2011)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 265)

Abstract

Intrusion detection systems (IDSs) are an essential key for network defense. The hybrid intrusion detection system combines individual base classifiers with a feature selection algorithm to maximize detection accuracy and minimize computational complexity. We investigated the performance of a genetic algorithm-based feature selection system for reducing the data feature space; the hidden naïve Bayes (HNB) system was then adapted to classify network intrusions into five outcomes: normal, and four anomaly types comprising denial of service, user-to-root, remote-to-local, and probing. To evaluate the performance of the introduced hybrid intrusion system, several groups of experiments were conducted and demonstrated on the NSL-KDD dataset. Moreover, the performance of the intelligent hybrid intrusion system was compared with the results of well-known feature selection algorithms. It is found that the hybrid intrusion system produces consistently better performance in selecting feature subsets, which results in better classification accuracy (98.63%).

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Eid, H.F., Darwish, A., Hassanien, A.E., Kim, Th. (2011). Intelligent Hybrid Anomaly Network Intrusion Detection System. In: Kim, Th., et al. Communication and Networking. FGCN 2011. Communications in Computer and Information Science, vol 265. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27192-2_25

  • DOI: https://doi.org/10.1007/978-3-642-27192-2_25

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-27191-5

  • Online ISBN: 978-3-642-27192-2

  • eBook Packages: Computer Science (R0)
