A Novel Network Intrusion Detection Framework for anomaly detection with TOPSIS based Context Adaptive Classification Mechanism using Hierarchical Feature Selection Algorithms

Authors

  • Kayathri Devi D, Sukumar R, Suresh Babu R

Abstract

Anomaly based Network Intrusion Detection System (A-NIDS) play a vital role in protecting the Information Systems. It employs various machine learning techniques for anomaly prediction. For appropriate classification of attack and non-attack patterns for different data traffic flow patterns, A-NIDS uses either single classifier or ensemble classifiers for proper detection. But, the system must have the ability to select and rank the classifiers based on the suitability of the datasets. A-NIDSs also face voluminous traffic as the size of the network grows. Detection with selected, appropriate features through feature selection algorithms not only reduces the processing time, also increases the accuracy in the detection rate. We propose a novel A-NIDS framework using Context Adaptive (CA) classification mechanism through the Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) with hierarchy based Chi-square and Bat Algorithms for feature selection as a solution. TOPSIS helps to rank the classifiers based on the parameters like accuracy, false positive rate (FPR), and classification model building time. These parameters are considered for choosing the best, situation aware classifiers. For experimentation purpose, NSL-KDD and UNSW-NB15 benchmark datasets are used with 41 and 47 features respectively including the class labels. The proposed A-NIDS (CA) framework through TOPSIS decision making selects single classifier such as Decision Tree algorithm and produces 98.77% accuracy, 0.03% FPR with 8 features for NSL-KDD dataset. Ensemble Classifier algorithm is implemented on the UNSW-NB15 dataset with Decision Tree and SVM classifiers with 9 features. The results produced are 89.43% accuracy, and 3.215% FPR. A comparative evaluation of the proposed framework is done with the state of the art approaches and our proposed framework produces better and promising results.

Keywords- Context adaptive Classification; Intrusion Detection; Feature Selection; TOPSIS; Ensemble

Published

2020-12-22

Issue

Section

Articles