A novel Chaotic Flower Pollination-based intrusion detection framework
- PDF / 2,592,569 Bytes
- 19 Pages / 595.276 x 790.866 pts Page_size
- 24 Downloads / 215 Views
METHODOLOGIES AND APPLICATION
A novel Chaotic Flower Pollination-based intrusion detection framework Amrit Pal Singh1 · Arvinder Kaur2 · Saibal Kumar Pal3
© Springer-Verlag GmbH Germany, part of Springer Nature 2020
Abstract With the rise of network on handheld devices, security of the network has become critical issue. Intrusion detection system is used to predict intrusive packets on network; two-step procedure has been used to predict the intrusion, i.e., feature selection and then classification. Firstly, unwanted and expandable features in data lead to network classification problem which affect the decision capability of the classifiers, so we need optimize feature selection technique. Feature selection technique used in this paper is based on the correlation information known as correlation-based feature selection (CFS). In this paper, CFS’s search algorithm is implemented using Chaotic Flower Pollination Algorithm (CFPA) that logically selects the most favorable features for classification referred as CFPA-CFS. Further, hybridization of CFPA and support vector machine classifier is implemented and named as CFPSVM. Finally, novel IDS framework uses CFPA-CFS and CFPSVM in sequence to predict the intrusion. Further, performance of proposed framework is evaluated using two intrusion detection evaluation datasets, namely KDDCup99 and NSL-KDD. The results demonstrate that proposed CFPA-CFS contributes more critical features for CFPSVM to achieve better accuracy compared with the state-of-the-art methods. Keywords Intrusion detection system · Flower Pollination Algorithm · Chaotic distribution · Feature selection · support vector machine
1 Introduction Intrusion detection system (IDS) is security support which is used to filter the malicious activities (e.g., denial of service attacks, port scans, etc.) (Abraham et al. 2007; Singh and Singh 2014; Wu and Banzhaf 2010). IDS can be used to identify the intentions of network users without weakening the security of the host or network (Singh and Singh 2014). IDS can be classified on the basis of two parameters, i.e., location of IDS and detection methodology. On the basis of location of IDS, the IDS can be classified as “networkbased IDS (NIDS)” and “host-based IDS”, previously (Singh and Singh 2014) found that the NIDS is more challenging. However, on the basis of detection methodologies, most of Communicated by V. Loia.
B
Amrit Pal Singh [email protected]
1
Jaypee Institute of Information Technology, Noida, India
2
USICT, GGSIPU, New Delhi, India
3
SAG Lab, DRDO, New Delhi, India
the work in literature have been focused on anomaly detection and found that it is more challenging to work on this. So, the focus of this work is based on novel network intrusion detection (NID) framework for anomaly detection. A NID framework for anomaly detection includes three phases: feature selection, classification and detection. Firstly, It is a challenge to design high-performance IDS when there are large number of features to be handled. The classification accurac
Data Loading...
