Network Intrusion Detection System Using Two Stage Classifier

  • DevakunchariEmail author
  • Sourabh
  • Prakhar Malik
Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 98)


A Network Intrusion Detection System (NIDS) is a mechanism that detects illegal and malicious activity inside a network. Anomaly based Intrusion detection systems use machine learning techniques to detect novel attacks. Classifiers are predictors that estimate the class label of an attack based on prior training and learning models. While it can be seen that DoS (Denial of Service) and probe attacks are filtered with reasonable accuracy, the detection rate fails miserably for R2L (Remote-to-Local) and U2R (User-to-Root) attacks. This paper aims to improve the accuracy of the above-mentioned attacks by proposing a two-stage classifier with feature selection used in the second stage of classification. The first stage uses a simple NB classifier with all the trained features. The proposed feature selection technique is based on Genetic Algorithm with entropy-based weights used for giving importance to each feature in the fitness function. Experiments were conducted on the NSL-KDD dataset using the WEKA machine learning tool. It can be seen that the detection rate of R2L and U2R improves significantly with 86.2% and 95% enhancement in the second stage of classification. This paper also compares the proposed feature selection technique with the existing filter methods and inspects the accuracies of other classifiers.


Intrusion Detection System Anomaly detection Machine learning Naïve Bayes classifier Genetic Algorithm 


  1. 1.
    Liao, H., Lin, R.C., et al.: Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36, 16–24 (2013)CrossRefGoogle Scholar
  2. 2.
    Cano, J.: Cyberattacks-the instability of security and control knowledge. ISACA J. 5, 1–5 (2016)Google Scholar
  3. 3.
    Hollingsworth, C.: Auditing from FISMA and HIPAA: lessons learned performing an in-house cybersecurity audit. ISACA J. 5, 1–6 (2016)Google Scholar
  4. 4.
    Singh, K., Agrawal, S., Sohi, B.S.: A near real-time IP traffic classification using machine learning. Int. J. Intell. Syst. Appl. 5(3), 83–93 (2013)Google Scholar
  5. 5.
    Limthong, K., Tawsook, T.: Network traffic anomaly detection using machine learning approaches. In: IEEE Network Operations and Management Symposium, Maui, HI, pp. 542–545 (2012)Google Scholar
  6. 6.
  7. 7.
    Li, W., Moore, A.W.: A machine learning approach for efficient traffic classification. In: 15th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems, Istanbul, pp. 310–317 (2007)Google Scholar
  8. 8.
    Casas, P., Fiadino, P., D’Alconzo, A.: Machine-learning based approaches for anomaly detection and classification in cellular networks. In: Network Traffic Measurement and Analysis Conference, TMA (2016)Google Scholar
  9. 9.
    Benaicha, S.E., Saoudi, L., et al.: Intrusion detection system using genetic algorithm. In: Science and Information Conference, pp. 564–568, London, UK (2014)Google Scholar
  10. 10.
    Pal, D., Parashar, A.: Improved genetic algorithm for ıntrusion detection system. In: Internationl Conference on Computational Intelligence and Communication Networks (CICN), USA, pp. 835–839 (2014)Google Scholar
  11. 11.
    Guo, Y., Wang, B., et al.: Feature selection based on rough set and modified genetic algorithm for ıntrusion detection. In: 5th International Conference on Computer Science & Education, China, pp. 1441–1446 (2010)Google Scholar
  12. 12.
    Hu, Y.J., Ling, Z.H.: DBN-based spectral feature representation for statistical parametric speech synthesis. IEEE Signal Process. Lett. 23(3), 21–325 (2016)Google Scholar
  13. 13.
  14. 14.
    Ibrahim, L.M., Basheer, D.T., Mahmood, M.S.: A comparison study for intrusion database (KDD99, NSL-KDD) based on Self-Organization Map (SOM) Artificial Neural Network. J. Eng. Sci. Technol. 8, 1107–1119 (2013)Google Scholar
  15. 15.
    WEKA machine learning tool.

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Department of CSESRMISTChennaiIndia

Personalised recommendations