Combinatorial Optimization based Feature Selection Method: A study on Network Intrusion Detection

Advancements in computer networks and communication technologies like software defined networks (SDN), Internet of things (IoT), microservices architecture, cloud computing and network function virtualization (NFV) have opened new fronts and challenges for security experts to combat against modern cyberattacks. Relying on perimeter defense and signature-based network security solutions like Intrusion Detection and Prevention Systems (IDS/IPS) have failed to deliver adequate level of security against new attack vectors such as advance persistent threats, zero days, ransomware, botnets and other forms of targeted attacks. Recent developments in machine learning and cognitive computing have shown great potential to detect unknown and new intrusion events where legacy misuse and anomaly based intrusion detection systems usually fail. In this research study we applied state of the art machine learning algorithms on UNSW-NB15 dataset for potential applicability to detect new attacks. We also proposed a novel wrapper based feature selection technique TS-RF using metaheuristic Tabu Search (TS) algorithm and Random Forest (RF) ensemble classifier. Results obtained by applying proposed feature selection technique i.e. TS-RF on UNSW-NB15 dataset show improvement in overall intrusion detection accuracy while it reduces computation complexity as it removes more than 60% features.