2022
Journal article  Open Access

Intrusion detection in cyber-physical environment using hybrid naïve Bayes-decision table and multi-objective evolutionary feature selection

Panigrahi R., Borah S., Pramanik M., Bhoi A. K., Barsocchi P., Nayak S. R., Alnumay W.

Intrusion detection  DTNB  Signature-based  Botnet detection  Denial of Service (DoS) attacks  Distributed Denial of Service (DDoS) attacks  Web attacks  Class imbalance 

Researchers are motivated to build effective Intrusion Detection Systems because of the implications of malicious actions in computing, communication, and cyber-physical systems (IDSs). In order to develop signature-based intrusion detection techniques that are suitable for use in cyber-physical environments, state-of-the-art supervised learning algorithms are devised. The main contribution of this research is the introduction of a signature-based intrusion detection model that is based on a hybrid Decision Table and Naive Bayes technique. In addition, the contribution of the suggested method is evaluated by comparing it to the existing literature in the field. In the preprocessing stage, Multi-Objective Evolutionary Feature Selection (MOEFS) feature selection has been used to select only five attack features from the recent CICIDS017 dataset. Keeping in view the class imbalance nature of CICIDS2017 dataset, adequate attack samples has been selected with more weightage to the attack classes having a smaller number of instances in the dataset. A hybrid of Decision Table and Naive Bayes models were combined to train and detect intrusions. Detection of botnets, port scans, Denial of Service (DoS)/Distributed Denial of Service (DDoS) attacks, such as Golden-Eye, Hulk, Slow httptest, slowloris, Heartbleed, Brute Force attacks, such as Patator (FTP), Patator (SSH), and Web attacks such as Infiltration, Web Brute Force, SQL Injection, and XSS, are all successfully detected by the proposed hybrid detection model. The proposed approach shows an accuracy of 96.8% using five features of CICIDS2017, which is higher than the accuracy of methods discussed in the literatures.

Source: Computer communications 188 (2022): 133–144. doi:10.1016/j.comcom.2022.03.009

Publisher: IPC Science and Technology Press,, Guildford , Regno Unito

Metrics



Back to previous page

Share

Cite as

BibTeX entry
@article{oai:it.cnr:prodotti:465950,
	title = {Intrusion detection in cyber-physical environment using hybrid naïve Bayes-decision table and multi-objective evolutionary feature selection},
	author = {Panigrahi R. and Borah S. and Pramanik M. and Bhoi A.  K. and Barsocchi P. and Nayak S.  R. and Alnumay W.},
	publisher = {IPC Science and Technology Press,, Guildford , Regno Unito},
	doi = {10.1016/j.comcom.2022.03.009},
	journal = {Computer communications},
	volume = {188},
	pages = {133–144},
	year = {2022}
}

CNR authors and affiliations

Download

Privacy Policy