Network security has become the biggest concern in the area of cyber security because of the exponential growth in computer networks and applications. Intrusion detection plays an important role in the security of information systems or networks devices. The purpose of an intrusion detection system (IDS) is to detect malicious activities and then generate an alarm against these activities. Having a large amount of data is one of the key problems in detecting attacks. Most of the intrusion detection systems use all features of datasets to evaluate the models and result in is, low detection rate, high computational time and uses of many computer resources. For fast attacks detection IDS needs a lightweight data. A feature selection method plays a key role to select best features to achieve maximum accuracy. This research work conduct experiments by considering on two updated attacks datasets, UNSW-NB15 and CICDDoS2019. This work suggests a wrapper based Genetic Algorithm (GA) features selection method with ensemble classifiers. GA select the best feature subsets and achieve high accuracy, detection rate (DR) and low false alarm rate (FAR) compared to existing approaches. This research focuses on multi-class classification. Implements two ensemble methods: stacking and bagging to detect different types of attacks. The results show that GA improve the accuracy significantly with stacking ensemble classifier.
翻译:由于计算机网络和应用程序的指数增长,入侵探测在信息系统或网络装置的安全方面发挥着重要作用。入侵探测系统(IDS)的目的是探测恶意活动,然后对这些活动发出警报。大量数据是侦测攻击的一个关键问题。入侵探测系统使用数据集的所有特征来评价模型和结果:探测率低,计算时间高,许多计算机资源使用率高。对于快速袭击探测,IDS需要一份轻量数据。特征选择方法在选择最佳特征以达到最大精确度方面发挥着关键作用。这一研究工作通过考虑两个更新的攻击数据集(UNSW-NB15和CICDDoS2019)进行实验。这项工作表明,基于基因Algorithm(GA)的包装方法具有与大量分类者一起评价模型和结果的选择方法。GA选择了最佳特征子集,并实现了高准确度、检测率(DR)和低错误警报率(FAR)。这项研究的重点是选择最佳特征集,以便选择最佳特征特征特征,与现有方法相比,从而实现最大精确度。这项研究侧重于多级袭击数据集的精确性分类。执行双级的分类方法。