The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.08 - August (2010 vol.21)
pp: 1143-1149
Khalil El-Khatib , University of Ontario Institute of Technology, Oshawa
ABSTRACT
Intrusion Detection Systems (IDSs) are a major line of defense for protecting network resources from illegal penetrations. A common approach in intrusion detection models, specifically in anomaly detection models, is to use classifiers as detectors. Selecting the best set of features is central to ensuring the performance, speed of learning, accuracy, and reliability of these detectors as well as to remove noise from the set of features used to construct the classifiers. In most current systems, the features used for training and testing the intrusion detection systems consist of basic information related to the TCP/IP header, with no considerable attention to the features associated with lower level protocol frames. The resulting detectors were efficient and accurate in detecting network attacks at the network and transport layers, but unfortunately, not capable of detecting 802.11-specific attacks such as deauthentication attacks or MAC layer DoS attacks. In this paper, we propose a novel hybrid model that efficiently selects the optimal set of features in order to detect 802.11-specific intrusions. Our model for feature selection uses the information gain ratio measure as a means to compute the relevance of each feature and the k-means classifier to select the optimal set of MAC layer features that can improve the accuracy of intrusion detection systems while reducing the learning time of their learning algorithm. In the experimental section of this paper, we study the impact of the optimization of the feature set for wireless intrusion detection systems on the performance and learning time of different types of classifiers based on neural networks. Experimental results with three types of neural network architectures clearly show that the optimization of a wireless feature set has a significant impact on the efficiency and accuracy of the intrusion detection system.
INDEX TERMS
Feature selection, intrusion detection systems, K-means, information gain ratio, wireless networks, neural networks.
CITATION
Khalil El-Khatib, "Impact of Feature Reduction on the Efficiency of Wireless Intrusion Detection Systems", IEEE Transactions on Parallel & Distributed Systems, vol.21, no. 8, pp. 1143-1149, August 2010, doi:10.1109/TPDS.2009.142
REFERENCES
[1] A. Boukerche, R.B. Machado, K.R.L. Jucá, J.B.M. Sobral, and M.S.M.A. Notare, "An Agent Based and Biological Inspired Real-Time Intrusion Detection and Security Model for Computer Network Operations," Computer Comm., vol. 30, no. 13, pp. 2649-2660, Sept. 2007.
[2] A. Boukerche, K.R.L. Juc, J.B. Sobral, and M.S.M.A. Notare, "An Artificial Immune Based Intrusion Detection Model for Computer and Telecommunication Systems," Parallel Computing, vol. 30, nos. 5/6, pp. 629-646, 2004.
[3] A. Boukerche and M.S.M.A. Notare, "Behavior-Based Intrusion Detection in Mobile Phone Systems," J. Parallel and Distributed Computing, vol. 62, no. 9, pp. 1476-1490, 2002.
[4] Y. Chen, Y. Li, X. Cheng, and L. Guo, "Survey and Taxonomy of Feature Selection Algorithms in Intrusion Detection System," Proc. Conf. Information Security and Cryptology (Inscrypt), 2006.
[5] H. Liu and H. Motoda, Feature Selection for Knowledge Discovery and Data Mining. Kluwer Academic, 1998.
[6] http://kdd.ics.uci.edu/databases/kddcup99 task.html, 2010.
[7] A.H. Sung and S. Mukkamala, "The Feature Selection and Intrusion Detection Problems," Proc. Ninth Asian Computing Science Conf., 2004.
[8] A.H. Sung and S. Mukkamala, "Identifying Important Features for Intrusion Detection Using Support Vector Machines and Neural Networks," Proc. Symp. Applications and the Internet (SAINT '03), Jan. 2003.
[9] G. Stein, B. Chen, A.S. Wu, and K.A. Hua, "Decision Tree Classifier for Network Intrusion Detection with GA-Based Feature Selection," Proc. 43rd ACM Southeast Regional Conf.—Volume 2, Mar. 2005.
[10] A. Hofmann, T. Horeis, and B. Sick, "Feature Selection for Intrusion Detection: An Evolutionary Wrapper Approach," Proc. IEEE Int'l Joint Conf. Neural Networks, July 2004.
[11] J. Bellardo and S. Savage, "802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions," Proc. USENIX Security Symp., pp. 15-28, 2003.
[12] http:/www.aircrack-ng.org/, 2010.
[13] Y.-H. Liu, D.-X. Tian, and D. Wei, "A Wireless Intrusion Detection Method Based on Neural Network," Proc. Second IASTED Int'l Conf. Advances in Computer Science and Technology, Jan. 2006.
[14] T.M. Khoshgoftaar, S.V. Nath, S. Zhong, and N. Seliya, "Intrusion Detection in Wireless Networks Using Clustering Techniques with Expert Analysis," Proc. Fourth Int'l Conf. Machine Learning and Applications, Dec. 2005.
[15] S. Zhong, T.M. Khoshgoftaar, and S.V. Nath, "A Clustering Approach to Wireless Network Intrusion Detection," Proc. 17th IEEE Int'l Conf. Tools with Artificial Intelligence (ICTAI '05), Nov. 2005.
[16] A. Bittau, M. Handley, and J. Lackey, "The Final Nail in WEP's Coffin," Proc. IEEE Symp. Security and Privacy, May 2006.
[17] IEEE 802.11-1999, Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications: Higher Speed Physical Layer Extension in the 2.4 GHz Band.
[18] J.R. Quinlan, "Induction of Decision Trees," Machine Learning, vol. 1, pp. 81-106, 1986.
[19] Z. Zhang and C. Manikopoulos, "Investigation of Neural Network Classification of Computer Network Attacks," Proc. Int'l Conf. Information Technology: Research and Education, pp. 590-594, Aug. 2003.
[20] NeuroSolutions, Inc., http:/www.neurosolutions.com/, 2010.
[21] CERT, http://www.cert.orgstats/, 2010.
[22] J. Yeo, M. Youssef, and A. Agrawala, "A Framework for Wireless LAN Monitoring and Its Applications," Proc. ACM Workshop Wireless Security, pp. 70-79, 2004.
[23] Y. Chen, Y. Li, X. Cheng, and L. Guo, "Survey and Taxonomy of Feature Selection Algorithms in Intrusion Detection System," Proc. Conf. Information Security and Cryptology (Inscrypt), 2006.
[24] A. Boukerche, Algorithms and Protocols for Wireless and Mobile Ad Hoc Networks. Wiley, 2008.
[25] A. Boukerche, Handbook of Algorithms for Wireless Networking and Mobile Computing. CRC/Chapman and Hall, 2005.
[26] A. Boukerche, X. Cheng, and J. Linus, "Energy-Aware Data-Centric Routing in Microsensor Networks," Proc. Sixth ACM Int'l Workshop Modeling Analysis and Simulation of Wireless and Mobile Systems, pp. 42-49, 2003.
39 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool