Efficient Feature Selection Based Near Real-Time Hybrid Intrusion Detection System


KIPS Transactions on Computer and Communication Systems, Vol. 5, No. 12, pp. 471-480, Dec. 2016
DOI: 10.3745/KTCCS.2016.5.12.471
Keywords: Intrusion Detection System, Feature Selection, C4.5 Decision Tree, Weighted K-Means Algorithms
Abstract

Damage from cyber attacks on infrastructure, national defence and security systems has been steadily increasing. The military recognizes the importance of cyber warfare and is establishing cyber systems in preparation, regardless of whether a threat currently exists. Research on Intrusion Detection Systems (IDS), which play an important role in network defence, is therefore required. IDS approaches are divided into misuse detection and anomaly detection. Recent studies attempt to combine the two methods to maximize the advantages and minimize the disadvantages of each; the combination is called a Hybrid IDS. Previous studies are not suitable for near real-time network environments because of their computational complexity. This motivates research on an IDS structure that offers a high detection rate at low computational cost. In this paper, we propose a Hybrid IDS that hierarchically combines a C4.5 decision tree (misuse detection method) and the Weighted K-means algorithm (anomaly detection method). It detects malicious network packets effectively and with low complexity by applying an efficient feature selection technique based on mutual information and a genetic algorithm. We also improve the hierarchical structure of the IDS by reusing the feature weights in the anomaly detection stage. The experiments validate that the proposed Hybrid IDS achieves high detection accuracy (98.68%) and performance.


Cite this article
[IEEE Style]
W. Lee and S. Oh, "Efficient Feature Selection Based Near Real-Time Hybrid Intrusion Detection System," KIPS Transactions on Computer and Communication Systems, vol. 5, no. 12, pp. 471-480, 2016. DOI: 10.3745/KTCCS.2016.5.12.471.

[ACM Style]
Woosol Lee and Sangyoon Oh. 2016. Efficient Feature Selection Based Near Real-Time Hybrid Intrusion Detection System. KIPS Transactions on Computer and Communication Systems, 5, 12, (2016), 471-480. DOI: 10.3745/KTCCS.2016.5.12.471.