An Enhanced Intrusion Detection System Based on
Multi-Layer Feature Reduction for Probe and DoS Attacks

M. El-Shrkawey1, Marwa Alalfi1, and Hassan Al-Mahdi2+
 

1Suez Canal University, Information System Department, Ismailia 41522, Egypt

melshrkawey@ci.suez.edu.eg, marwa.alalfi@gmail.com

2Suez Canal University, Computer Science Department, Ismailia 41522, Egypt

drhassanwesf@ci.suez.edu.eg

 

Abstract

Wireless network has an exponential increase in various aspects of the human community. Accordingly, transmitting a vast volume of sensitive and non-sensitive data over the network puts them at risk of being attacked. To avoid this, Intrusion Detection System (IDS) security is intended to detect threats and protect devices from attacks. IDS usually uses one of the following alternative approaches: signature-based, anomaly-based, or hybrid of the two. In spite of the IDS has been the focus of much research in recent years, there is still space for improvement. Based on the anomaly based approach, this paper proposes a modified algorithm called a Multi-layer Feature Selection and Reduction IDS (MFSR-IDS) for providing high-level protection against Denial-of-Service (DoS) and Probe attacks. The MFSR-IDS framework makes three major contributions. First, it reduces the feature dimensionality of the network dataset across three layers. Second, it has a fast and accurate detection system. Third, it provides a mathematical model of the framework under consideration. The MFSR-IDS algorithm selects optimal number of features from KDDCUP’99 dataset which used to train the predictive model based on different learning classifiers and ensemble methodology. The performance of MFSR-IDS is evaluated in terms of Detection Rate (DR), False Positive Rate (FPR), FScore, ROC area, Accuracy (Acc) and Processing time. The experiments indicate that, the proposed MFSR-IDS outperforms some existing IDS frameworks in terms of DR, FPR, Acc and Processing time in detecting DoS and Probe attacks.

Keywords: Intrusion Detection System, Anomaly Based Detection, KDDCUP’99 Dataset, Feature Selection.

 

+: Corresponding author: Hassan Al-Mahdi
Department of Computer Sciences, Suez Canal University, Ismailia 41522, Egypt, Tel: +20-01025373771

 

Journal of Internet Services and Information Security (JISIS), 11(4): 61-78, November 2021
Received: July 10, 2021; Accepted: October 27, 2021; Published: November 30, 2021
DOI: 10.22667/JISIS.2021.11.30.061 [pdf]