Integrated Intrusion Detection Model Using Chi-Square Feature Selection and Ensemble of Classifiers

摘要

Intrusion detection system is a device or software application that monitors a network of systems to identify any malicious activity or policy violations. In order to identify intrusions or normal activity, IDS would consider different network-related features such as source address, protocol and flag. The major challenge for any intrusion detection model is to achieve maximum accuracy with minimal false alarms. The aim of this paper is to identify the critical features required in the construction of intrusion detection model, thereby achieving the maximum accuracy. The model utilizes an ensemble approach of classifiers with minimum complexity to overcome the issues in the existing ensemble-based intrusion detection models. In this paper, Chi-square feature selection and the ensemble of classifiers such as support vector machine (SVM), modified Naive Bayes (MNB) and LPBoost are utilized to develop an intrusion detection model. The motivation for selecting Chi-square feature selection is that they rank the features based on the statistical significance test and consider only those features that are dependent on the class label. Supervised classifiers are highly consistent and produce precise results as the use of training data improves the ability to distinguish between classes with similar features. Experimental results indicate high accuracy in comparison with base classifiers by the ensemble of LPBoost. As there is a huge class imbalance present in the network traffic, the prediction of the class label by a majority voting of SVM, MNB and LPBoost is an optimal solution in preference to reliance on a single classifier.