Improving the Performance of Multi-class Intrusion Detection Systems using Feature Reduction

TL;DR

This paper presents a hybrid feature selection approach combined with adaptive boosting and naive Bayes to enhance multi-class intrusion detection accuracy while reducing feature set size.

Contribution

It introduces a novel hybrid feature selection method with adaptive boosting for improved multi-class intrusion detection accuracy.

Findings

Achieved higher detection accuracy with fewer features.

Effectively determined attack types in multi-class scenarios.

Validated on the NSL-KDD dataset with promising results.

Abstract

Intrusion detection systems (IDS) are widely studied by researchers nowadays due to the dramatic growth in network-based technologies. Policy violations and unauthorized access is in turn increasing which makes intrusion detection systems of great importance. Existing approaches to improve intrusion detection systems focus on feature selection or reduction since some features are irrelevant or redundant which when removed improve the accuracy as well as the learning time. In this paper we propose a hybrid feature selection method using Correlation-based Feature Selection and Information Gain. In our work we apply adaptive boosting using na\"ive Bayes as the weak (base) classifier. The key point in our research is that we are able to improve the detection accuracy with a reduced number of features while precisely determining the attack. Experimental results showed that our proposed method achieved high accuracy compared to methods using only 5-class problem. Correlation is done using Greedy search strategy and na\"ive Bayes as the classifier on the reduced NSL-KDD dataset.