A Comparative Analysis of Intrusion Detection Systems: Leveraging Classification Algorithms and Feature Selection Techniques
Abstract
With the increasing use of the Internet and its coverage of all areas of life and the increasing amount of sensitive and confidential information on the Internet, the number of malicious attacks on that information has increased with the aim of destroying, changing, or misusing it. Consequently, the need to discover and prevent these kinds of attacks has increased in order to maintain privacy, reliability, and even availability. For this purpose, intelligent systems have been developed to detect these attacks, which are called Intrusion Detection System (IDS). These systems were tested and applied to special benchmark datasets that contain a large number of features and a massive number of observations. However, not all the features are important, and some are not relevant. Therefore, applying feature selection techniques becomes crucial, which select the features with the most importance and relevance in order to enhance the performance of the classification model. The aim of this review paper is to conduct a comparative analysis of various state-of-the-art IDS that use algorithm classifications to detect network attacks with the cooperation of feature selection techniques that have been applied to various well-known IDS datasets, such as KDD cup99, NSL-KDD, etc. This comparison is based on several factors, including the utilized classification technique, feature selection used, employed evaluation metrics, datasets used, and finally the highest accuracy rate obtained by each study.
Keywords
Classification Algorithm, IDS , Feature Selection, NSL-KDD , Machine Learning, Deep Learning, Network Attacks
References
- A. S. Eesa, Z. Orman, and A. M. A. Brifcani, “A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems,” Expert Syst Appl, vol. 42, no. 5, pp. 2670–2679, Apr. 2015, doi: 10.1016/j.eswa.2014.11.009.
- S. X. Wu and W. Banzhaf, “The use of computational intelligence in intrusion detection systems: A review,” Applied Soft Computing Journal, vol. 10, no. 1, pp. 1–35, 2010, doi: 10.1016/j.asoc.2009.06.019.
- H. J. Liao, C. H. Richard Lin, Y. C. Lin, and K. Y. Tung, “Intrusion detection system: A comprehensive review,” Journal of Network and Computer Applications, vol. 36, no. 1, pp. 16–24, 2013, doi: 10.1016/j.jnca.2012.09.004.
- C. H. Tsang, S. Kwong, and H. Wang, “Genetic-fuzzy rule mining approach and evaluation of feature selection techniques for anomaly intrusion detection,” Pattern Recognit, vol. 40, no. 9, pp. 2373–2391, 2007, doi: 10.1016/j.patcog.2006.12.009.
- S. Subbiah, K. S. M. Anbananthen, S. Thangaraj, S. Kannan, and D. Chelliah, “Intrusion detection technique in wireless sensor network using grid search random forest with Boruta feature selection algorithm,” Journal of Communications and Networks, vol. 24, no. 2, pp. 264–273, Apr. 2022, doi: 10.23919/jcn.2022.000002.
- S. Ganapathy, K. Kulothungan, S. Muthurajkumar, M. Vijayalakshmi, L. Yogesh, and A. Kannan, “Intelligent feature selection and classification techniques for intrusion detection in networks: A survey,” EURASIP J Wirel Commun Netw, vol. 2013, no. 1, pp. 1–16, 2013, doi: 10.1186/1687-1499-2013-271.
- E. E. Abdallah, W. Eleisah, and A. F. Otoom, “Intrusion Detection Systems using Supervised Machine Learning Techniques: A survey,” in Procedia Computer Science, Elsevier B.V., 2022, pp. 205–212. doi: 10.1016/j.procs.2022.03.029.
- A. A. Saleem, M. M. Hassan, and I. A. Ali, “INTELLIGENT HOME: EMPOWERING SMART HOME WITH MACHINE LEARNING FOR USER ACTION PREDICTION,” Science Journal of University of Zakho, vol. 11, no. 3, pp. 403–420, Aug. 2023, doi: 10.25271/sjuoz.2023.11.3.1145.
- P. K. Singh, A. K. Kar, Y. Singh, M. H. Kolekar, and S. Tanwar, Eds., Proceedings of ICRIC 2019: Recent Innovations in Computing, First Edit. Springer Nature, 2020. doi: https://doi.org/10.1007/978-3-030-29407-6.
- A. A. Saleem, M. M. Hassan, and I. A. Ali, “Smart Homes Powered by Machine Learning: A Review,” Proceedings of the 2nd 2022 International Conference on Computer Science and Software Engineering, CSASE 2022, pp. 355–361, 2022, doi: 10.1109/CSASE51777.2022.9759682.
- A. A. Salih and A. M. Abdulazeez, “Evaluation of Classification Algorithms for Intrusion Detection System: A Review,” Journal of Soft Computing and Data Mining, vol. 2, no. 1, pp. 31–40, Apr. 2021, doi: 10.30880/jscdm.2021.02.01.004.
- M. Bertolini, D. Mezzogori, M. Neroni, and F. Zammori, “Machine Learning for industrial applications: A comprehensive literature review,” Expert Syst Appl, vol. 175, no. February, p. 114820, 2021, doi: 10.1016/j.eswa.2021.114820.
- C. Kalimuthan and J. Arokia Renjit, “Review on intrusion detection using feature selection with machine learning techniques,” Mater Today Proc, vol. 33, no. xxxx, pp. 3794–3802, 2020, doi: 10.1016/j.matpr.2020.06.218.
- Z. Azam, M. M. Islam, and M. N. Huda, “Comparative Analysis of Intrusion Detection Systems and Machine Learning-Based Model Analysis Through Decision Tree,” IEEE Access, vol. 11, pp. 80348–80391, 2023, doi: 10.1109/ACCESS.2023.3296444.
- A. Khraisat, I. Gondal, P. Vamplew, and J. Kamruzzaman, “Survey of intrusion detection systems: techniques, datasets and challenges,” Cybersecurity, vol. 2, no. 1, Dec. 2019, doi: 10.1186/s42400-019-0038-7.
- N. Unnisa A, M. Yerva, and K. M Z, “Review on Intrusion Detection System (IDS) for Network Security using Machine Learning Algorithms,” International Research Journal on Advanced Science Hub, vol. 4, no. 03, pp. 67–74, Mar. 2022, doi: 10.47392/irjash.2022.014.
- Z. Ahmad, A. Shahid Khan, C. Wai Shiang, J. Abdullah, and F. Ahmad, “Network intrusion detection system: A systematic study of machine learning and deep learning approaches,” Transactions on Emerging Telecommunications Technologies, vol. 32, no. 1, Jan. 2021, doi: 10.1002/ett.4150.
- S. Choudhary and N. Kesswani, “Analysis of KDD-Cup’99, NSL-KDD and UNSW-NB15 Datasets using Deep Learning in IoT,” in Procedia Computer Science, Elsevier B.V., 2020, pp. 1561–1573. doi: 10.1016/j.procs.2020.03.367.
- Z. Ahmad, A. Shahid Khan, C. Wai Shiang, J. Abdullah, and F. Ahmad, “Network intrusion detection system: A systematic study of machine learning and deep learning approaches,” Transactions on Emerging Telecommunications Technologies, vol. 32, no. 1, Jan. 2021, doi: 10.1002/ett.4150.
- A. Khraisat, I. Gondal, P. Vamplew, and J. Kamruzzaman, “Survey of intrusion detection systems: techniques, datasets and challenges,” Cybersecurity, vol. 2, no. 1, Dec. 2019, doi: 10.1186/s42400-019-0038-7.
- H. Bostani and M. Sheikhan, “Hybrid of binary gravitational search algorithm and mutual information for feature selection in intrusion detection systems,” Soft comput, vol. 21, no. 9, pp. 2307–2324, 2017, doi: 10.1007/s00500-015-1942-8.
- G. Cybenko and T. G. Allen, “Parallel Algorithms For Classification And Clustering,” Advanced Algorithms and Architectures for Signal Processing II, vol. 0826, no. 4, p. 126, 1988, doi: 10.1117/12.942023.
- P. Dhal and C. Azad, “A comprehensive survey on feature selection in the various fields of machine learning,” Applied Intelligence, vol. 52, no. 4, pp. 4543–4581, Mar. 2022, doi: 10.1007/s10489-021-02550-9.
- A. Salappa, M. Doumpos, and C. Zopounidis, “Feature selection algorithms in classification problems: An experimental evaluation,” Optim Methods Softw, vol. 22, no. 1, pp. 199–212, 2007, doi: 10.1080/10556780600881910.
- Y. Chen, Y. Li, X. Q. Cheng, and L. Guo, “Survey and Taxonomy of Feature Selection Algorithms in Intrusion Detection System,” Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4318 LNCS, pp. 153–167, 2006, doi: 10.1007/11937807_13.
- G. Qu, S. Hariri, and M. Yousif, “A new dependency and correlation analysis for features,” IEEE Trans Knowl Data Eng, vol. 17, no. 9, pp. 1199–1206, 2005, doi: 10.1109/TKDE.2005.136.
- M. A. Ambusaidi, X. He, Z. Tan, P. Nanda, L. F. Lu, and U. T. Nagar, “A novel feature selection approach for intrusion detection data classification,” Proceedings - 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2014, pp. 82–89, 2015, doi: 10.1109/TrustCom.2014.15.
- B. Xue, L. Cervante, L. Shang, W. N. Browne, and M. Zhang, “A multi-objective particle swarm optimisation for filter-based,” Connection Science 31:4, vol. 24, no. September, pp. 91–116, 2012.
- F. Salo, A. B. Nassif, and A. Essex, “Dimensionality reduction with IG-PCA and ensemble classifier for network intrusion detection,” Computer Networks, vol. 148, pp. 164–175, 2019, doi: 10.1016/j.comnet.2018.11.010.
- B. Xue, A. K. Qin, and M. Zhang, “An archive based particle swarm optimisation for feature selection in classification,” Proceedings of the 2014 IEEE Congress on Evolutionary Computation, CEC 2014, pp. 3119–3126, 2014, doi: 10.1109/CEC.2014.6900472.
- I. Ahmad, “Feature selection using particle swarm optimization in intrusion detection,” Int J Distrib Sens Netw, vol. 2015, 2015, doi: 10.1155/2015/806954.
- S. Aljawarneh, M. Aldwairi, and M. B. Yassein, “Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model,” J Comput Sci, vol. 25, pp. 152–160, 2018, doi: 10.1016/j.jocs.2017.03.006.
- A. Chakrawarti, D. Shiv, and S. Shrivastava, “International Journal of INTELLIGENT SYSTEMS AND APPLICATIONS IN ENGINEERING Intrusion Detection System using Long Short-Term Memory and Fully Connected Neural Network on Kddcup99 and NSL-KDD Dataset,” International Journal of Intelligent Systems and Applications in Engineering IJISAE, vol. 11, no. 9s, pp. 621–635, 2023, [Online]. Available: www.ijisae.org
- Srinath Venkatesan, “Design an Intrusion Detection System based on Feature Selection Using ML Algorithms,” Mathematical Statistician and Engineering Applications, vol. 72, no. 1, pp. 702–710, 2023, [Online]. Available: http://philstat.org.ph
- Y. Yin et al., “IGRF-RFE: a hybrid feature selection method for MLP-based network intrusion detection on UNSW-NB15 dataset,” J Big Data, vol. 10, no. 1, Dec. 2023, doi: 10.1186/s40537-023-00694-8.
- A. Henry et al., “Composition of Hybrid Deep Learning Model and Feature Optimization for Intrusion Detection System,” Sensors, vol. 23, no. 2, Jan. 2023, doi: 10.3390/s23020890.
- S. Konde and S. B. Deosarkar, “A NOVEL INTRUSION DETECTION SYSTEM (IDS) FRAMEWORK FOR AGRICULTURAL IOT NETWORKS,” J Theor Appl Inf Technol, vol. 15, no. 21, 2023, [Online]. Available: www.jatit.org
- H. Azzaoui, A. Z. E. Boukhamla, D. Arroyo, and A. Bensayah, “Developing new deep-learning model to enhance network intrusion classification,” Evolving Systems, vol. 13, no. 1, pp. 17–25, Feb. 2022, doi: 10.1007/s12530-020-09364-z.
- A. Sunyoto and Hanafi, “Enhance Intrusion Detection (IDS) System Using Deep SDAE to Increase Effectiveness of Dimensional Reduction in Machine Learning and Deep Learning,” International Journal of Intelligent Engineering and Systems, vol. 15, no. 4, pp. 125–141, 2022, doi: 10.22266/ijies2022.0831.13.
- Y. Fu, Y. Du, Z. Cao, Q. Li, and W. Xiang, “A Deep Learning Model for Network Intrusion Detection with Imbalanced Data,” Electronics (Switzerland), vol. 11, no. 6, Mar. 2022, doi: 10.3390/electronics11060898.
- H. Alazzam, A. Sharieh, and K. E. Sabri, “A lightweight intelligent network intrusion detection system using OCSVM and Pigeon inspired optimizer,” Applied Intelligence, vol. 52, no. 4, pp. 3527–3544, Mar. 2022, doi: 10.1007/s10489-021-02621-x.
- I. Hidayat, M. Z. Ali, and A. Arshad, “Machine Learning-Based Intrusion Detection System: An Experimental Comparison,” Journal of Computational and Cognitive Engineering, Jul. 2022, doi: 10.47852/bonviewJCCE2202270.
- S. Subbiah, K. S. M. Anbananthen, S. Thangaraj, S. Kannan, and D. Chelliah, “Intrusion detection technique in wireless sensor network using grid search random forest with Boruta feature selection algorithm,” Journal of Communications and Networks, vol. 24, no. 2, pp. 264–273, Apr. 2022, doi: 10.23919/jcn.2022.000002.
- I. Ahmad, Q. E. U. Haq, M. Imran, M. O. Alassafi, and R. A. Alghamdi, “An Efficient Network Intrusion Detection and Classification System,” Mathematics, vol. 10, no. 3, Feb. 2022, doi: 10.3390/math10030530.
- M. A. Almaiah et al., “Performance Investigation of Principal Component Analysis for Intrusion Detection System Using Different Support Vector Machine Kernels,” Electronics (Switzerland), vol. 11, no. 21, Nov. 2022, doi: 10.3390/electronics11213571.
- A. Halbouni, T. S. Gunawan, M. H. Habaebi, M. Halbouni, M. Kartiwi, and R. Ahmad, “CNN-LSTM: Hybrid Deep Neural Network for Network Intrusion Detection System,” IEEE Access, vol. 10, pp. 99837–99849, 2022, doi: 10.1109/ACCESS.2022.3206425.
- S. Ethala and A. Kumarappan, “A Hybrid Spider Monkey and Hierarchical Particle Swarm Optimization Approach for Intrusion Detection on Internet of Things,” Sensors, vol. 22, no. 21, Nov. 2022, doi: 10.3390/s22218566.
- R. Chaganti, A. Mourade, V. Ravi, N. Vemprala, A. Dua, and B. Bhushan, “A Particle Swarm Optimization and Deep Learning Approach for Intrusion Detection System in Internet of Medical Things,” Sustainability (Switzerland), vol. 14, no. 19, Oct. 2022, doi: 10.3390/su141912828.
- R. A. Disha and S. Waheed, “Performance analysis of machine learning models for intrusion detection system using Gini Impurity-based Weighted Random Forest (GIWRF) feature selection technique,” Cybersecurity, vol. 5, no. 1, Dec. 2022, doi: 10.1186/s42400-021-00103-8.
- D. N. Mhawi, A. Aldallal, and S. Hassan, “Advanced Feature-Selection-Based Hybrid Ensemble Learning Algorithms for Network Intrusion Detection Systems,” Symmetry (Basel), vol. 14, no. 7, Jul. 2022, doi: 10.3390/sym14071461.
- A. Guezzaz, S. Benkirane, M. Azrour, and S. Khurram, “A Reliable Network Intrusion Detection Approach Using Decision Tree with Enhanced Data Quality,” Security and Communication Networks, vol. 2021, 2021, doi: 10.1155/2021/1230593.
- M. Chora? and M. Pawlicki, “Intrusion detection approach based on optimised artificial neural network,” Neurocomputing, vol. 452, pp. 705–715, Sep. 2021, doi: 10.1016/j.neucom.2020.07.138.
- B. Mohammed and E. Gbashi, “Intrusion Detection System for NSL-KDD Dataset Based on Deep Learning and Recursive Feature Elimination,” Engineering and Technology Journal, vol. 39, no. 7, pp. 1069–1079, Jul. 2021, doi: 10.30684/etj.v39i7.1695.
- T. Wisanwanichthan and M. Thammawichai, “A Double-Layered Hybrid Approach for Network Intrusion Detection System Using Combined Naive Bayes and SVM,” IEEE Access, vol. 9, pp. 138432–138450, 2021, doi: 10.1109/ACCESS.2021.3118573.
- R. A. R. Mahmood, A. H. Abdi, and M. Hussin, “Performance evaluation of intrusion detection system using selected features and machine learning classifiers,” Baghdad Science Journal, vol. 18, pp. 884–898, Jun. 2021, doi: 10.21123/bsj.2021.18.2(Suppl.).0884.
- P. K. Keserwani, M. C. Govil, E. S. Pilli, and P. Govil, “A smart anomaly-based intrusion detection system for the Internet of Things (IoT) network using GWO–PSO–RF model,” J Reliab Intell Environ, vol. 7, no. 1, pp. 3–21, Mar. 2021, doi: 10.1007/s40860-020-00126-x.
- M. Rabbani, Y. L. Wang, R. Khoshkangini, H. Jelodar, R. Zhao, and P. Hu, “A hybrid machine learning approach for malicious behaviour detection and recognition in cloud computing,” Journal of Network and Computer Applications, vol. 151, Feb. 2020, doi: 10.1016/j.jnca.2019.102507.
- A. Kumari and A. K. Mehta, “A Hybrid Intrusion Detection System Based on Decision Tree and Support Vector Machine,” in 2020 IEEE 5th International Conference on Computing Communication and Automation, ICCCA 2020, Institute of Electrical and Electronics Engineers Inc., Oct. 2020, pp. 396–400. doi: 10.1109/ICCCA49541.2020.9250753.
- N. Kunhare, R. Tiwari, and J. Dhar, “Particle swarm optimization and feature selection for intrusion detection system,” Sadhana - Academy Proceedings in Engineering Sciences, vol. 45, no. 1, pp. 1–14, Dec. 2020, doi: 10.1007/S12046-020-1308-5/METRICS.
- Gabriel Chukwunonso Amaizu, Cosmas Ifeanyi Nwakanma, Jae-Min Lee, and Dong-Seong Kim, “Investigating Network Intrusion Detection Datasets Using Machine Learning,” ICTC 2020?: the 11th International Conference on ICT Convergence?: “Data, Network, and AI in the Age of ‘Untact’” , 2020, doi: 10.1109/ICTC49870.2020.9289329.
- Y. and M. R. Negandhi Prashil and Trivedi, “Intrusion Detection System Using Random Forest on the NSL-KDD Dataset,” in Emerging Research in Computing, Information, Communication and Applications, L. M. and N. H. C. and H. P. N. and N. N. Shetty N. R. and Patnaik, Ed., Singapore: Springer Singapore, 2019, pp. 519–531.