Hybridization of Ruzchika MAP Estimated Naïve Bayes and Chicken Swarm optimization based dichotomous Regression Classifier for Intrusion Detection

Abstract

Intrusion detection is the method of observing and analyzing the events occurred in a network in order to solve the security problems. With the extensive growth of the network, the entire computer suffers from security vulnerabilities. Therefore the Intrusion Detection System (IDS) plays a  major role in identifying the anomalies or attacks in the network. In order to improve the Intrusion Detection accuracy, Hybrid Ruzicka Naive Bayes Chicken Swarm Optimized Feature Selection and Dichotomous Regression Classifier (HRNBCSOFS-DRC) model is introduced. The main objective of HRNBCSO-DRC model is to identify the intrusion through the optimal feature selection and classification. The hybrid technique starts with the initialization of Chickens (i.e., features) populations in the search space. Then the fitness of each chicken is calculated based on the Ruzicka similarity measure to identify the current best. Based on the fitness value, the chickens are ranked.. Then the roulette wheel selection technique is applied to each group for choosing the attributes with higher fitness by applying the MAP estimated naïve Bayes probabilistic rule. The chicken’s with higher fitness is considered as rooster and the minimum fitness are considered as chicks and the remaining chickens are considered as hens. After finding the best feature, the rooster position gets updated along with the position of other chicken’s (i.e. hens and chicks) .This process gets iterated until a termination condition is met. Followed by, the hybrid model uses Dichotomous Regression function to analyze the selected feature value (i.e. training data) with the testing data. Then the data is classified as normal or abnormal based on the correlation coefficient value.. Experimental evaluation is performed with NSL-KDD dataset using different metrics such as Intrusion detection accuracy, precision, recall, F-measure and Intrusion detection time.