An anomaly-based intrusion detection system using recursive feature elimination technique for improved attack detection

Published in: Theoretical computer science, Volume 931; pp. 56 - 64
Main authors: Kannari, Phanindra Reddy, Chowdary, Noorullah Shariff, Laxmikanth Biradar, Rajkumar
Format: Journal Article
Language: English
Published: Elsevier B.V 29.09.2022
ISSN:0304-3975, 1879-2294
Description
Summary: The explosive growth of Internet and technologies has resulted in better life-changing services to the society. This drastic change has invariably kept the users connected to the Internet uninterruptedly. The adversaries might exploit this “always-on” Internet connection and would jeopardize the network infrastructure through malicious activities using the networks' hardware and software vulnerabilities. However, the network traffic volume poses difficulties for the cyber analyst to monitor, detect, identify, and quickly respond to the network attacks. Therefore it is paramount to protect the integrity, availability, confidentiality of the network infrastructure, and its digital assets by deploying Intrusion Detection Systems. However, augmenting new techniques avoids overwhelming the analysts from a myriad of events. This research aims to analyze the traffic for the significant features that assist in reliable intrusion detection and minimize the resource requirements and computational complexity of the detection process. The proposed method uses Recursive Feature Elimination technique to rank features based on feature importance and Random Forest algorithm performs the attack classification. The experimental findings show these significant 21 features are useful in anomaly detection with an accuracy of 99.83% for binary attack detection, 99.69% for multiclass classification with an execution time of 20 seconds, and 39 seconds respectively on the NSL-KDD dataset.

• Internet and technology expansion has led to life-changing social services, but also introduces newer security challenges.
• This paper aims to analyze the traffic for the significant features that assist in reliable network intrusion detection.
• The intrusion detection process consumes minimal resources with reduced computational complexity.
• Recursive Feature Elimination ranks features by relevance, and Random Forest classifies attacks from the NSL-KDD.
DOI:10.1016/j.tcs.2022.07.030