| dc.contributor.author | Wanjau, Stephen Kahara | |
| dc.contributor.author | Kamau, Gabriel Ndung’u | |
| dc.date.accessioned | 2025-04-24T11:48:34Z | |
| dc.date.available | 2025-04-24T11:48:34Z | |
| dc.date.issued | 2024 | |
| dc.identifier.issn | 2279 – 0764) | |
| dc.identifier.uri | http://repository.mut.ac.ke:8080/xmlui/handle/123456789/6531 | |
| dc.description.abstract | Network intrusion detection systems (NIDS) are essential for protecting computer networks against cyberattacks. The selection of a nominal set of essential features that may adequately discriminate malicious traffic from the normal traffic is indispensable while developing a NIDS. As such, a more reliable and accurate detection result may be realized when intrusion detection is carried out on a dataset based on an inclusive feature representation. This work presents the pre-processing and feature selection workflow as well as its results in the case of the CIC-IDS-2017 dataset with a focus on two cyber-attacks namely Denial-of-Service (DoS) and PortScan. The study applied an ensemble feature selection method based on information gain and Random Forest to filter out important features. Recursive Feature Elimination method was then applied to the reduced features to optimize the selected feature subset. The selected feature subset was experimented with using two classification algorithms, namely support vector machine and multi-layer perceptron. In the evaluation process, four widely used performance metrics were considered. The study results demonstrated the efficacy of the proposed ensemble approach to optimize the selected feature subset for detecting PortScan and DoS attacks in network traffic. Experimental results revealed that the support vector machine had a slight advantage in accuracy and could train more quickly. According to the study's evaluation, the NIDS may be able to shorten processing times without sacrificing the ability to detect PortScan and DoS attacks accurately by choosing a narrow subset of informative features. This suggests the approach might be applicable to real-world NIDS scenarios involving these attacks. The study also provides encouraging perspectives on how ensemble feature selection utilizing MLP and SVM can enhance the effectiveness of NIDS. Building on these findings, more research can create NIDS solutions that are even more reliable and efficient for the dynamic field of cybersecurity. | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | International Journal of Computer and Information Technology | en_US |
| dc.subject | Classification; ensemble; feature selection; network intrusion detection system; pre-processing; recursive feature elimination. | en_US |
| dc.title | Ensemble Feature Selection for Network Intrusion Detection: Combining Information Gain and Random Forest with Recursive Feature Elimination | en_US |
| dc.type | Article | en_US |
