Skip to main content
SpringerLink
Log in

Review on Feature Selection Algorithms for Anomaly-Based Intrusion Detection System

  • Conference paper
  • First Online:
Recent Trends in Data Science and Soft Computing (IRICT 2018)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 843))

Abstract

As Internet networks expand, the amount of network threats and intrusions increased, the demand for an efficient and reliable defense system is required to detect network security vulnerabilities. Intrusion Detection Systems (IDS) are a vital constituent of security of a network to avert data illegal usage and misappropriation. IDS deal with massive amount of data movement that comprises repetitive and inappropriate features. The detection rate implementation is frequently affected by these inappropriate features which also munch up intrusion detection system resources. A significant portion in the removal of dissimilar and not used features in IDS is done by the feature selection method. Methods included are data mining techniques, machine learning, statistical analysis, support vector machine models and neural networks. In this paper, we provide review of several algorithms used for anomaly-based intrusion detection systems to improve performance of machine learning classifiers. This paper first summarizes the theoretical basis of IDS, and then discusses the feature selection techniques and their types.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Al-Ani, A.K., Anbar, M., Manickam, S., Al-Ani, A., Leau, Y.-B.: Proposed DAD-match mechanism for securing duplicate address detection process in IPv6 link-local network based on symmetric-key algorithm. In: International Conference on Computational Science and Technology, pp. 108–118 (2017)

    Google Scholar 

  2. Al-Ani, A.K., Anbar, M., Manickam, S., Al-Ani, A., Leau, Y.-B.: Proposed DAD-match security technique based on hash function to secure duplicate address detection in IPv6 link-local network. In: Proceedings of the 2017 International Conference on Information Technology, pp. 175–179 (2017)

    Google Scholar 

  3. Kim, D.S., Nguyen, H.-N., Ohn, S.-Y., Park, J.S.: Fusions of GA and SVM for anomaly detection in intrusion detection system. In: International Symposium on Neural Networks, pp. 415–420 (2005)

    Google Scholar 

  4. Dastanpour, A., Ibrahim, S., Mashinchi, R.: Using genetic algorithm to supporting artificial neural network for intrusion detection system. In: The International Conference on Computer Security and Digital Investigation (ComSec 2014), pp. 1–13 (2014)

    Google Scholar 

  5. Anbar, M., Abdullah, R., Al-Tamimi, B.N., Hussain, A.: A machine learning approach to detect router advertisement flooding attacks in next-generation IPv6 networks. Cognit. Comput. 10, 1–14 (2017)

    Google Scholar 

  6. Vithalpura, J.S., Diwanji, H.M.: Analysis of fitness function in designing genetic algorithm based intrusion detection system. Int. J. Sci. Res. Dev. 3, 86–92 (2015)

    Google Scholar 

  7. Kemmerer, R.A., Vigna, G.: Intrusion detection: a brief history and overview. Computer (Long. Beach. Calif.) 35, 27–30 (2002)

    Google Scholar 

  8. Liao, H.-J., Lin, C.-H.R., Lin, Y.-C., Tung, K.-Y.: Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36, 16–24 (2013)

    Article  Google Scholar 

  9. Shahreza, M.L., Moazzami, D., Moshiri, B., Delavar, M.R.: Anomaly detection using a self-organizing map and particle swarm optimization. Sci. Iran. 18, 1460–1468 (2011)

    Article  Google Scholar 

  10. Anbar, M., Abdullah, R., Saad, R., Hasbullah, I.H.: Review of preventive security mechanisms for neighbour discovery protocol. Adv. Sci. Lett. 23, 11306–11310 (2017)

    Article  Google Scholar 

  11. Garcia-Teodoro, P., Diaz-Verdejo, J., Maciá-Fernández, G., Vázquez, E.: Anomaly-based network intrusion detection: techniques, systems and challenges. Comput. Secur. 28, 18–28 (2009)

    Article  Google Scholar 

  12. Kumar, K., Kumar, G.: Analysis of feature selection techniques: a data mining approach. International Journal of Computer Applications (0975 – 8887), 4th International Conference on Engineering & Technology (ICAET 2016) pp. 17–21

    Google Scholar 

  13. Kumari, B., Swarnkar, T.: Filter versus wrapper feature subset selection in large dimensionality micro array: a review 2(3), 1048–1053 (2011)

    Google Scholar 

  14. Binitha, S., Sathya, S.S., et al.: A survey of bio inspired optimization algorithms. Int. J. Soft Comput. Eng. 2, 137–151 (2012)

    Google Scholar 

  15. Bolón-Canedo, V., Sánchez-Maroño, N., Alonso-Betanzos, A.: A review of feature selection methods on synthetic data. Knowl. Inf. Syst. 34, 483–519 (2013)

    Article  Google Scholar 

  16. Ahmad, I., Abdullah, A., Alghamdi, A., Alnfajan, K., Hussain, M.: Intrusion detection using feature subset selection based on MLP. Sci. Res. Essays 6, 6804–6810 (2011)

    Article  Google Scholar 

  17. Kuang, F., Xu, W., Zhang, S.: A novel hybrid KPCA and SVM with GA model for intrusion detection. Appl. Soft Comput. 18, 178–184 (2014)

    Article  Google Scholar 

  18. Aslahi-Shahri, B.M., Rahmani, R., Chizari, M., Maralani, A., Eslami, M., Golkar, M.J., Ebrahimi, A.: A hybrid method consisting of GA and SVM for intrusion detection system. Neural Comput. Appl. 27, 1669–1676 (2016)

    Article  Google Scholar 

  19. Alomari, O., Othman, Z.A.: Bees algorithm for feature selection in network anomaly detection. J. Appl. Sci. Res. 8, 1748–1756 (2012)

    Google Scholar 

  20. Xingzhu, W.: ACO and SVM selection feature weighting of network intrusion detection method. Analysis 9, 129–270 (2015)

    Google Scholar 

  21. Rani, M.S., Xavier, S.B.: A hybrid intrusion detection system based on C5.0 decision tree and one-class SVM. Int. J. Curr. Eng. Technol. 5, 2001–2007 (2015)

    Google Scholar 

  22. Ghanem, W.A.H.M., Jantan, A.: Novel multi-objective artificial bee colony optimization for wrapper based feature selection in intrusion detection. Int. J. Adv. Soft Comput. Appl. 8, 70–81 (2016)

    Google Scholar 

  23. Acharya, N., Singh, S.: An IWD-based feature selection method for intrusion detection system. Soft Comput. 22, 1–10 (2017)

    Google Scholar 

  24. Ganapathy, S., Vijayakumar, P., Yogesh, P., Kannan, A.: An intelligent CRF based feature selection for effective intrusion detection. Int. Arab J. Inf. Technol. 13, 44–50 (2016)

    Google Scholar 

  25. Li, Y., Xia, J., Zhang, S., Yan, J., Ai, X., Dai, K.: An efficient intrusion detection system based on support vector machines and gradually feature removal method. Expert Syst. Appl. 39, 424–430 (2012)

    Article  Google Scholar 

  26. Ambusaidi, M.A., He, X., Nanda, P., Tan, Z.: Building an intrusion detection system using a filter-based feature selection algorithm. IEEE Trans. Comput. 65, 2986–2998 (2016)

    Article  MathSciNet  Google Scholar 

  27. Madbouly, A.I., Barakat, T.M.: Enhanced relevant feature selection model for intrusion detection systems. Int. J. Intell. Eng. Inform. 4, 21–45 (2016)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. National Advanced IPv6 Centre, Universiti Sains Malaysia, 11800, USM, Penang, Malaysia

    Taief Alaa Alamiedy, Mohammed Anbar & Ahmed K. Al-Ani

  2. College of Computer Science and Engineering, Taibah University, Medina, Saudi Arabia

    Bassam Naji Al-Tamimi

  3. School of Electrical and Electronic Engineering, USM, 14300, Nibong Tebal, Penang, Malaysia

    Nameer Faleh

Authors
  1. Taief Alaa Alamiedy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mohammed Anbar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ahmed K. Al-Ani
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bassam Naji Al-Tamimi
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Nameer Faleh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohammed Anbar .

Editor information

Editors and Affiliations

  1. College of Computer Science and Engineering, Taibah University, Medina, Saudi Arabia

    Faisal Saeed

  2. Information Systems Department, Faculty of Computing, Universiti Teknologi Malaysia, Skudai, Malaysia

    Nadhmi Gazem

  3. Information Technology Department, Faculty of Engineering and Information Technology, Taiz University, Taiz, Yemen

    Fathey Mohammed

  4. Information Systems Department, Faculty of Computing, Universiti Teknologi Malaysia, Skudai, Malaysia

    Abdelsalam Busalim

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Alamiedy, T.A., Anbar, M., Al-Ani, A.K., Al-Tamimi, B.N., Faleh, N. (2019). Review on Feature Selection Algorithms for Anomaly-Based Intrusion Detection System. In: Saeed, F., Gazem, N., Mohammed, F., Busalim, A. (eds) Recent Trends in Data Science and Soft Computing. IRICT 2018. Advances in Intelligent Systems and Computing, vol 843. Springer, Cham. https://doi.org/10.1007/978-3-319-99007-1_57

Download citation

Publish with us

Policies and ethics

Search

Navigation