This study proposes a method for detecting large-scale attacks, such as DoS attacks, in real time using weighted KNN classifiers. The key to designing an anomaly-based NIDS is selecting the features that are significant for the detection decision. Most NIDSs require not only excellent detection performance but also real-time processing. A good feature selection policy, one that chooses significant features and as few of them as possible, therefore plays a key role in any successful NIDS. The study combines a genetic algorithm with KNN (k-nearest-neighbor) for feature selection and weighting. All 35 initial features were weighted in the training phase, and the top-ranked ones were selected to implement the NIDSs used for testing. Many DoS attacks were applied to evaluate the systems. For known attacks, an overall accuracy rate as high as 97.42% was obtained while considering only the top 19 features. For unknown attacks, an overall accuracy rate of 78% was obtained using the top 28 features.
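The GA-plus-weighted-KNN idea described above, as an added sketch that is not the study's own code: a genetic algorithm evolves one weight per feature, fitness is the validation accuracy of a KNN whose distance is scaled by those weights, and the highest-weighted features are then selected. The six-feature flow data is constructed, and the fitness function, GA operators (truncation selection, uniform crossover, Gaussian mutation) and all function names are assumptions.

```python
import random

def make_flows(rng, n):
    """Constructed sample data: features 0-1 separate DoS from normal, 2-5 are noise."""
    rows = []
    for _ in range(n):
        attack = rng.random() < 0.5
        signal = [rng.gauss(1.0 if attack else 0.0, 0.4) for _ in range(2)]
        noise = [rng.gauss(0.0, 1.5) for _ in range(4)]
        rows.append((signal + noise, int(attack)))
    return rows

def knn_predict(weights, train, x, k=5):
    """Weighted KNN: each squared feature difference is scaled by its weight."""
    dist = lambda a: sum(w * (p - q) ** 2 for w, p, q in zip(weights, a, x))
    nearest = sorted(train, key=lambda row: dist(row[0]))[:k]
    return int(sum(label for _, label in nearest) * 2 > k)   # majority vote

def accuracy(weights, train, held_out):
    return sum(knn_predict(weights, train, x) == y for x, y in held_out) / len(held_out)

def evolve_weights(train, valid, n_features, rng, pop_size=12, generations=15):
    """GA over weight vectors in [0, 1]; fitness is validation accuracy (assumed)."""
    fit = lambda w: accuracy(w, train, valid)
    # Uniform weights are seeded so elitism never does worse than unweighted KNN.
    pop = [[1.0] * n_features] + [[rng.random() for _ in range(n_features)]
                                  for _ in range(pop_size - 1)]
    for _ in range(generations):
        pop.sort(key=fit, reverse=True)
        parents = pop[:pop_size // 2]              # truncation selection, elitist
        children = []
        while len(parents) + len(children) < pop_size:
            a, b = rng.sample(parents, 2)
            child = [rng.choice(pair) for pair in zip(a, b)]   # uniform crossover
            i = rng.randrange(n_features)                       # mutate one gene
            child[i] = min(1.0, max(0.0, child[i] + rng.gauss(0, 0.2)))
            children.append(child)
        pop = parents + children
    return max(pop, key=fit)

def top_features(weights, k):
    """Indices of the k highest-weighted features, best first."""
    return sorted(range(len(weights)), key=lambda i: weights[i], reverse=True)[:k]

def run(seed=7):
    rng = random.Random(seed)
    train, valid = make_flows(rng, 80), make_flows(rng, 40)
    best = evolve_weights(train, valid, 6, rng)
    return best, accuracy([1.0] * 6, train, valid), accuracy(best, train, valid)
```

`run()` returns the evolved weights with the unweighted and weighted validation accuracy; pass the weights to `top_features` to get the reduced feature set a deployed classifier would compute per flow.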