Machine Learning-Based Intrusion Detection: Feature Selection versus
Feature Extraction
- URL: http://arxiv.org/abs/2307.01570v1
- Date: Tue, 4 Jul 2023 08:48:01 GMT
- Title: Machine Learning-Based Intrusion Detection: Feature Selection versus
Feature Extraction
- Authors: Vu-Duc Ngo, Tuan-Cuong Vuong, Thien Van Luong, and Hung Tran
- Abstract summary: Internet of things (IoT) devices are highly vulnerable to cyber-attacks.
A variety of machine learning-based network intrusion detection methods for IoT networks have been developed.
This paper provides a comprehensive comparison between these two feature reduction methods of intrusion detection in terms of various performance metrics.
- Score: 3.5889226512319903
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Internet of things (IoT) has been playing an important role in many sectors,
such as smart cities, smart agriculture, smart healthcare, and smart
manufacturing. However, IoT devices are highly vulnerable to cyber-attacks,
which may result in security breaches and data leakages. To effectively prevent
these attacks, a variety of machine learning-based network intrusion detection
methods for IoT networks have been developed, which often rely on either
feature extraction or feature selection techniques for reducing the dimension
of input data before being fed into machine learning models. This aims to make
the detection complexity low enough for real-time operations, which is
particularly vital in any intrusion detection systems. This paper provides a
comprehensive comparison between these two feature reduction methods of
intrusion detection in terms of various performance metrics, namely, precision
rate, recall rate, detection accuracy, as well as runtime complexity, in the
presence of the modern UNSW-NB15 dataset as well as both binary and multiclass
classification. For example, in general, the feature selection method not only
provides better detection performance but also lower training and inference
time compared to its feature extraction counterpart, especially when the number
of reduced features K increases. However, the feature extraction method is much
more reliable than its selection counterpart, particularly when K is very
small, such as K = 4. Additionally, feature extraction is less sensitive to
changing the number of reduced features K than feature selection, and this
holds true for both binary and multiclass classifications. Based on this
comparison, we provide a useful guideline for selecting a suitable intrusion
detection type for each specific scenario, as detailed in Tab. 14 at the end of
Section IV.
Related papers
- Renormalized Connection for Scale-preferred Object Detection in Satellite Imagery [51.83786195178233]
We design a Knowledge Discovery Network (KDN) to implement the renormalization group theory in terms of efficient feature extraction.
Renormalized connection (RC) on the KDN enables synergistic focusing'' of multi-scale features.
RCs extend the multi-level feature's divide-and-conquer'' mechanism of the FPN-based detectors to a wide range of scale-preferred tasks.
arXiv Detail & Related papers (2024-09-09T13:56:22Z) - Detection-Rate-Emphasized Multi-objective Evolutionary Feature Selection for Network Intrusion Detection [21.104686670216445]
We propose DR-MOFS to model the feature selection problem in network intrusion detection as a three-objective optimization problem.
In most cases, the proposed method can outperform previous methods, i.e., lead to fewer features, higher accuracy and detection rate.
arXiv Detail & Related papers (2024-06-13T14:42:17Z) - Effective Intrusion Detection in Highly Imbalanced IoT Networks with
Lightweight S2CGAN-IDS [48.353590166168686]
Internet of Things (IoT) networks contain benign traffic far more than abnormal traffic, with some rare attacks.
Most existing studies have been focused on sacrificing the detection rate of the majority class in order to improve the detection rate of the minority class.
We propose a lightweight framework named S2CGAN-IDS to expand the number of minority categories in both data space and feature space.
arXiv Detail & Related papers (2023-06-06T14:19:23Z) - Effective Metaheuristic Based Classifiers for Multiclass Intrusion
Detection [0.0]
Intrusion detection plays an important role in the security of information systems or networks devices.
Having a large amount of data is one of the key problems in detecting attacks.
A feature selection method plays a key role to select best features to achieve maximum accuracy.
arXiv Detail & Related papers (2022-10-06T04:56:01Z) - A Robust and Explainable Data-Driven Anomaly Detection Approach For
Power Electronics [56.86150790999639]
We present two anomaly detection and classification approaches, namely the Matrix Profile algorithm and anomaly transformer.
The Matrix Profile algorithm is shown to be well suited as a generalizable approach for detecting real-time anomalies in streaming time-series data.
A series of custom filters is created and added to the detector to tune its sensitivity, recall, and detection accuracy.
arXiv Detail & Related papers (2022-09-23T06:09:35Z) - An Explainable Machine Learning-based Network Intrusion Detection System
for Enabling Generalisability in Securing IoT Networks [0.0]
Machine Learning (ML)-based network intrusion detection systems bring many benefits for enhancing the security posture of an organisation.
Many systems have been designed and developed in the research community, often achieving a perfect detection rate when evaluated using certain datasets.
This paper tightens the gap by evaluating the generalisability of a common feature set to different network environments and attack types.
arXiv Detail & Related papers (2021-04-15T00:44:45Z) - Supervised Feature Selection Techniques in Network Intrusion Detection:
a Critical Review [9.177695323629896]
Machine Learning techniques are becoming an invaluable support for network intrusion detection.
Dealing with the vast diversity and number of features that typically characterize data traffic is a hard problem.
By reducing the feature space and retaining only the most significant features, Feature Selection (FS) becomes a crucial pre-processing step in network management.
arXiv Detail & Related papers (2021-04-11T08:42:01Z) - AutoOD: Automated Outlier Detection via Curiosity-guided Search and
Self-imitation Learning [72.99415402575886]
Outlier detection is an important data mining task with numerous practical applications.
We propose AutoOD, an automated outlier detection framework, which aims to search for an optimal neural network model.
Experimental results on various real-world benchmark datasets demonstrate that the deep model identified by AutoOD achieves the best performance.
arXiv Detail & Related papers (2020-06-19T18:57:51Z) - One-Shot Object Detection without Fine-Tuning [62.39210447209698]
We introduce a two-stage model consisting of a first stage Matching-FCOS network and a second stage Structure-Aware Relation Module.
We also propose novel training strategies that effectively improve detection performance.
Our method exceeds the state-of-the-art one-shot performance consistently on multiple datasets.
arXiv Detail & Related papers (2020-05-08T01:59:23Z) - BiDet: An Efficient Binarized Object Detector [96.19708396510894]
We propose a binarized neural network learning method called BiDet for efficient object detection.
Our BiDet fully utilizes the representational capacity of the binary neural networks for object detection by redundancy removal.
Our method outperforms the state-of-the-art binary neural networks by a sizable margin.
arXiv Detail & Related papers (2020-03-09T08:16:16Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.