USB-IDS-1 dataset feature reduction with genetic algorithm

Abstract

Technology and online opportunities brought by technology are increasing day by day. Many transactions, from banking to shopping, can be done online. However, the abuse of technology is also increasing at the same rate. Therefore, it is very important to ensure the security of the network for data protection. The application of artificial intelligence-based approaches has also become popular in the field of information security. When the data collected for intrusion detection is examined, it is seen that there are many features. In this study, the features in the USB-IDS-1 dataset were reduced by genetic algorithm and its success was examined with various classifiers. Among the selected methods, there are decision trees, random forest, k-NN, Naive Bayes and artificial neural networks. Accuracy, sensitivity, precision and F1-score were used as metrics. According to the results obtained, it was seen that the genetic algorithm was quite successful in the Hulk and Slowloris data set, it was partially effective in the Slowhttptest data, but was not successful in the TCP set. However, the performance of the algorithms was poor as a result of using all features in Slowhttptest and TCP data.

Keywords

• Intrusion detection
• USB-IDS-1
• genetic algorithm

References

1. Kaplan, A., Haenlein, M., Siri, Siri, in my hand: Who's the fairest in the land? on the interpretations, illustrations, and implications of Artificial Intelligence, Bus. Horiz., 62 (1) (2019), 15-25, https://doi.org/10.1016/j.bushor.2018.08.004.
2. Samuel, A. L., Some studies in machine learning using the game of checkers, IBM J. Res. Dev., 3 (3) (1959), 210-229, https://doi.org/10.1147/rd.33.0210.
3. Aburomman, A. A., Reaz, M. B. I., Ensemble of binary SVM classifiers based on PCAand LDA feature extraction for intrusion detection, Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC), (2016), 636-640.
4. Al-Jarrah, O. Y., Al-Hammdi, Y., Yoo, P. D., Muhaidat, S., Al-Qutayri, M. Semisupervised multi-layered clustering model for intrusion detection, Digit. Commun. Netw., 4 (4) (2018), 277-286.
5. Al-Yaseen, W. L., Othman, Z. A., Nazri, M. Z. A. Multi-level hybrid support vector machine and extreme learning machine based on modified K-means for intrusion detection system, Expert Syst. Appl., 67 (1) (2017), 296-303.
6. An, X., Su, J., Lü, X., Lin, F., Hypergraph clustering model-based association analysis of DDOS attacks in fog computing intrusion detection system, EURASIP JWCN, 249 (1) (2018), 1-9.
7. Belavagi, M. C., Muniyal, B., Performance evaluation of supervised machine learning algorithms for intrusion detection, Procedia Comput. Sci., 89 (1) (2016), 117-123.
8. KDD, The 1999 KDD intrusion detection, 1999, http://kdd.ics.uci.edu/databases/kddcup99/task.html.

9. Hick, P., Aben, E., Claffy, K., Polterock, J., The CAIDA DDoS attack 2007 dataset, 2007.
10. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A. A., A detailed analysis of the KDD CUP 99 data set, in 2009 CISDA, (2009), 1-6.
11. Catillo, M., Del Vecchio, A., Ocone, L., Pecchia, A., Villano, U., USB-IDS-1: a public multilayer dataset of labeled network flows for IDS evaluation, 51st Annual IEEE/IFIP DSN-W, (2021), 1-6, https://doi.org/10.1109/DSN-W52860.2021.00012.
12. Holland, J. H., Genetic algorithms, Sci. Am., 267 (1) (1992), 66-73.
13. Catillo, M., Pecchia, A., Villano, U., Measurement-based analysis of a DoS defense module for an open source web server, Testing Software and Systems: 32nd IFIP WG 6.1 International Conference, ICTSS, (2020), 121-134.
14. Catillo, M., Del Vecchio, A., Pecchia, A., Villano, U., Transferability of machine learning models learned from public intrusion detection datasets: the CICIDS2017 case study, Softw. Qual. J., (2022), 1-27.
15. Kalutharage, C. S., Liu, X., Chrysoulas, C., Explainable AI and deep autoencoders based security framework for IoT network attack certainty, Lect. Notes Comput. Sci., (2022), 13745, https://doi.org/10.1007/978-3-031-21311-3_8.
16. Russell, S. J., Norvig, P., Artificial Intelligence a Modern Approach, Pearson Education, Inc., New York, 2010.
17. Breiman, L., Random forests, Mach. Learn., 45 (2001), 5-32.
18. Cover, T., Hart, P., Nearest neighbor pattern classification, IEEE Trans. Inf. Theory, 13 (1) (1967), 21-27.
19. Li, X., Ye, N., Decision tree classifiers for computer intrusion detection, In Real-Time System Security, (2003), 77-93.
20. Ozsari, S., Uguz, H., Hakli, H., Implementation of meta-heuristic optimization algorithms for interview problem in land consolidation: A case study in Konya/Turkey, Land Use Policy, 108 (2021), 105511.
21. Google colab., (2023). Available: https://research.google.com/colaboratory/faq.html. [Accessed: May 2023].
22. Ozsari, S., Yapicioglu, F. R., Yilmaz, D., Kamburoglu, K., Guzel, M. S., Bostanci, G. E., Acici, K., Asuroglu, T., Interpretation of magnetic resonance images of temporomandibular joint disorders by using deep learning, IEEE Access, 11 (2023), 49102-49113, https://doi.org/10.1109/ACCESS.2023.3277756.
23. Kingma, D. P., Jimmy, Ba., Adam: a method for stochastic optimization, arXiv:1412.6980, 2014.
24. Kennedy, J., Eberhart, R., Particle swarm optimization, Proceedings of IEEE International Conference on Neural Networks, 4 (1995), 1942-1948, https://doi.org/10.1109/ICNN.1995.488968.
25. Karaboga, D., An idea based on honey bee swarm for numerical optimization, Technical Report-TR06, Erciyes University, Engineering Faculty, Computer Engineering Department, 2005.