A Multi-Objective Evolutionary Algorithm based Feature Selection for Intrusion Detection

Abstract

Nowad ays, with the development of internet communication that provides many facilities to the user leads in turn to growing unauthorized access. As a result, intrusion detection system (IDS) becomes necessary to provide a high level of security for huge amount of information transferred in the network to protect them from threats. One of the main challenges for IDS is the high dimensionality of the feature space and how the relevant features to distinguish the normal network traffic from attack network are selected. In this paper, multi-objective evolutionary algorithm with decomposition (MOEA/D) and MOEA/D with the injection of a proposed local search operator are adopted to solve the Multi-objective optimization (MOO) followed by Naïve Bayes (NB) classifier for classification purpose and judging the ability of the proposed models to distinguish between attack network traffic and normal network traffic. The performance of the proposed models is evaluated against two baseline models feature vitality based reduction method (FVBRM) and NB. The experiments on network security laboratory-knowledge discovery and data mining (NSL-KDD) benchmark dataset ensure the ability of the proposed MOO based models to select an optimal subset of features that has a higher discriminatory power for discriminating attack from normal over the baselines models. Furthermore, the proposed local search operator ensures its ability to harness the performance of MOO model through achieving an obvious feature reduction on average from 16.83 features to 8.54 features (i.e., approximately 50%) in addition to the increase in NB classifier accuracy from 98.829 to 98.859 and detection rate from 98.906 to 99.043.