Comparison of Information Gain, Gain Ratio, CFs-BestFirst and CFs-PSO Search on Anomaly Detection Performance
DOI:
https://doi.org/10.30865/mib.v5i1.2258
Keywords:
Feature Selection, Anomaly Detection, CICIDS-2017, Information Gain, Gain Ratio, Correlation-Based, PSO-Search
Abstract
Large data dimensionality is one of the issues in anomaly detection. One approach used to overcome large data dimensions is feature selection. An effective feature selection technique produces the most relevant features and can improve the ability of the classification algorithm to detect attacks. There have been many studies on feature selection techniques, each using different methods and strategies to find the best and most relevant features. This study compares the Information Gain, Gain Ratio, CFs-BestFirst and CFs-PSO Search techniques. The features selected by the four techniques were then validated with the Naive Bayes, k-NN and J48 classification algorithms. This study uses the ISCX CICIDS-2017 dataset. Based on the test results, the feature selection technique affects the performance of the Naive Bayes, k-NN and J48 algorithms. Increasingly relevant and important features can improve detection performance. The test results also show that the number of features influences the processing/computing time. CFs-BestFirst produces a smaller number of features than CFs-PSO Search, Information Gain and Gain Ratio, so it requires lower processing time. In addition, k-NN requires a higher processing time than Naive Bayes and J48.
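As an added illustration (not code from the paper), the sketch below computes two of the four compared filters, Information Gain and Gain Ratio, over a few constructed, already-discretized flow records; the feature names and values are assumptions, not CICIDS-2017 columns. It shows why the two can rank features differently: an identifier-like feature gets maximal Information Gain, while Gain Ratio divides by the feature's own entropy and demotes it.

```python
import math
from collections import Counter

def entropy(values):
    """Shannon entropy (bits) of a list of discrete values."""
    n = len(values)
    return -sum((c / n) * math.log2(c / n) for c in Counter(values).values())

def info_gain(feature, labels):
    """H(labels) - H(labels | feature) for one discrete feature."""
    n = len(labels)
    groups = {}
    for value, label in zip(feature, labels):
        groups.setdefault(value, []).append(label)
    conditional = sum(len(g) / n * entropy(g) for g in groups.values())
    return entropy(labels) - conditional

def gain_ratio(feature, labels):
    """Information gain normalised by the feature's own entropy (split info)."""
    split_info = entropy(feature)
    return info_gain(feature, labels) / split_info if split_info > 0 else 0.0

def rank(features, labels, score):
    """Feature names ordered from highest to lowest score."""
    return sorted(features, key=lambda name: score(features[name], labels),
                  reverse=True)

# Constructed sample: 8 flow records, 4 benign and 4 attack (hypothetical names).
LABELS = ["BENIGN"] * 4 + ["ATTACK"] * 4
FEATURES = {
    "flow_id":   ["f1", "f2", "f3", "f4", "f5", "f6", "f7", "f8"],  # unique per row
    "syn_burst": ["no"] * 4 + ["yes"] * 4,                          # real signal
    "pkt_rate":  ["low", "low", "low", "high", "high", "high", "high", "low"],
    "protocol":  ["tcp", "udp"] * 4,                                # uninformative
}

if __name__ == "__main__":
    for name, column in FEATURES.items():
        print(f"{name:10s} IG={info_gain(column, LABELS):.3f} "
              f"GR={gain_ratio(column, LABELS):.3f}")
    print("by IG:", rank(FEATURES, LABELS, info_gain))
    print("by GR:", rank(FEATURES, LABELS, gain_ratio))
```

Numeric flow features must be discretized before either score is computed this way.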
This work is licensed under a Creative Commons Attribution 4.0 International License