Enhancing MLP Performance in Intrusion Detection using Optimal Feature Subset Selection based on Genetic Principal Components

Authors

Iftikhar Ahmad, Department of Software Engineering, College of Computer and Information Sciences, King Saud University, P.O. Box 51178, Riyadh 11543, Saudi ArabiaFollow

Author Country (or Countries)

Saudi Arabia

Abstract

Computer and network systems nowadays are facing many security issues, one of which considered important is intrusion. To prevent such intrusion, a mechanism for optimal intrusion detection is deemed necessary. A number of tools and techniques are available, yet most of them still face a main problem that is on performance. The performance, in essence, can be increased by reducing false positives and increasing accurate detection rate. What has made the performance terrible in the existing intrusion detection approaches is due to the use of a raw dataset that includes redundancy and leads the classifier to be confused. To overcome this issue, Principal Component Analysis (PCA) has been used to project a number of raw features on principal feature space and to select the features based on their sensitivity determined by the magnitude of eigenvalues. Here, only the features corresponding to the highest eigenvalues are selected; the remaining features, by contrast, are ignored. Due to the ignorance of many important and sensitive features for the classifier for their lowest eigenvalues, this method comes to be not optimal. Therefore, a suitable method is necessary to select a subset of features, which, in turn, can enhance the classifier performance. The focus of this research is to observe a space of principal features to find a subset of sensitive features to the classifier, which can optimize the detection accuracy. Genetic Algorithm (GA) has been applied to solve an optimization problem. The raw features have, afterwards, been transformed through PCA into principal features space. GA, in this case, was used to search this features space to obtain principal components called genetic principal components (GPC). The feature set obtained through this process was, in turn, presented to the classifier. The Multilayer Perceptron (MLP), meanwhile, was used for classification considering its proven ability. Additionally, Knowledge Discovery and Data mining (KDD) cup dataset was used for the validation of the proposed approach, which is considered as a benchmark to evaluate the intrusion detection approaches. The performance of this approach has been analyzed and compared with a number of existing approaches. The results then show that proposed method outperforms the existing approaches. Not only does it significantly reduce the dimension of the feature space but also improves the detection accuracy.

Suggested Reviewers

N/A

Digital Object Identifier (DOI)

http://dx.doi.org/10.12785/amis/080222

Recommended Citation

Ahmad, Iftikhar (2014) "Enhancing MLP Performance in Intrusion Detection using Optimal Feature Subset Selection based on Genetic Principal Components," Applied Mathematics & Information Sciences: Vol. 08: Iss. 2, Article 22.
DOI: http://dx.doi.org/10.12785/amis/080222
Available at: https://digitalcommons.aaru.edu.jo/amis/vol08/iss2/22