Two-Level Feature Selection for Enhanced Accuracy and Reduced Computational Overhead in Intrusion Detection Systems Using Rough Set Theory and Binary Particle Swarm Optimization
Keywords:
Feature Selection, Rough Set Theory, PSO, BPSOAbstract
Intrusion Detection Systems (IDS) are essential for safeguarding network infrastructures by detecting and mitigating malicious activities. This study introduces a two-level feature selection approach (TLFSA) designed to enhance classification accuracy and reduce computational overhead. The first phase employs Rough Set Theory (RST) to filter out irrelevant features, while the second phase uses Binary Particle Swarm Optimization (BPSO) to refine the feature subset based on their discriminative power. Experiments conducted on the NSL-KDD dataset show that the TLFSA approach outperforms traditional algorithms such as Genetic Algorithm (GA) and Gravitational Search Algorithm (GSA), achieving a notable improvement of 0.99% in classification accuracy. Furthermore, class-specific feature subsets produced by the method demonstrate superior detection rates across all network traffic classes, with an average accuracy of 97.22%, compared to 91.11% for alternative methods. The proposed method effectively reduces the feature set to approximately 15% of the original features, streamlining the IDS model and improving both operational efficiency and real-time applicability.
References
A. Al-Nawasrah, A. A. Almomani, S. Atawneh, and M. Alauthman, "A survey of fast flux botnet detection with fast flux cloud computing," International Journal of Cloud Applications and Computing (IJCAC), vol. 10, no. 3, pp. 17-53, 2020.
W. Alomoush, A. Alrosan, A. Almomani, K. Alissa, O. A. Khashan, and A. Al-Nawasrah, "Spatial information of fuzzy clustering based mean best artificial bee colony algorithm for phantom brain image segmentation," International Journal of Electrical and Computer Engineering (IJECE), vol. 11, no. 5, pp. 4050-4058, 2021.
H. A. Al Issa, M. H. Al-Jarah, A. Almomani, and A. Al-Nawasrah, "Encryption and decryption cloud computing data based on XOR and genetic algorithm," International Journal of Cloud Applications and Computing (IJCAC), vol. 12, no. 1, pp. 1-10, 2022.
J. Liang, M. Ma, and X. Tan, "GaDQN-IDS: A Novel Self-Adaptive IDS for VANETs Based on Bayesian Game Theory and Deep Reinforcement Learning," in IEEE Transactions on Intelligent Transportation Systems, vol. 23, no. 8, pp. 12724-12737, 2022.
Z. Yu, J. J. Tsai, and T. Weigert, "An adaptive automatically tuning intrusion detection system," ACM Transactions on Autonomous and Adaptive Systems (TAAS), vol. 3, no. 3, pp. 1-25, 2008.
E. Anthi, L. Williams, and P. Burnap, "Pulse: an adaptive intrusion detection for the internet of things," ET Conference Proceedings, 2018.
G. Fernandes, J. J. Rodrigues, L. F. Carvalho, J. F. Al-Muhtadi, and M. L. Proença, "A comprehensive survey on network anomaly detection," Telecommunication Systems, vol. 70, no. 3, pp. 447-489, 2019.
A. Al-Nawasrah, A. Al-Momani, F. Meziane and M. Alauthman, "Fast flux botnet detection framework using adaptive dynamic evolving spiking neural network algorithm," 2018 9th International Conference on Information and Communication Systems (ICICS), pp. 7-11, 2018.
A. Al-Nawasrah et al., "Botnet Attack Detection Using A Hybrid Supervised Fast-Flux Killer System," in Journal of Web Engineering, vol. 21, no. 2, pp. 179-202, 2022.
A. Almomani, A. Al-Nawasrah, M. Alauthman, M. A. Al-Betar, and F. Meziane, "Botnet detection used fast-flux technique, based on adaptive dynamic evolving spiking neural network algorithm,” International Journal of Ad Hoc and Ubiquitous Computing, vol. 36, no. 1, pp. 50-65, 2021.
A. S. Almogren, "Intrusion detection in Edge-of-Things computing," Journal of Parallel Distributed Computing, vol. 137, pp. 259-265, 2020.
R. Vinayakumar, K. P. Soman, and P. Poornachandran, “A comparative analysis of deep learning approaches for network intrusion detection systems (N-IDSs): deep learning for N-IDSs,” International Journal of Digital Crime and Forensics (IJDCF), vol. 11, no. 3, pp. 65-89, 2019.
P. Sun et al. “DL‐IDS: Extracting Features Using CNN‐LSTM Hybrid Network for Intrusion Detection System,” Security and communication networks, vol. 2020, no. 1, 8890306, 2020.
S. Seth, K. K. Chahal, and G. Singh, "Concept Drift–Based Intrusion Detection For Evolving Data Stream Classification In IDS: Approaches And Comparative Study," The Computer Journal, 2024.
V. G. Krishnan, P. V. Lakshmi, A. N. Julaiha, S. L. Jemina, A. Sunitha, and V. Divya, "Vortex Search Algorithm based Machine Learning Classification for IDS," 2022 6th International Conference on Trends in Electronics and Informatics (ICOEI), pp. 1366-1372, 2022.
M. Eskandari, Z. H. Janjua, M. Vecchio, and F. Antonelli, "Passban IDS: An Intelligent Anomaly-Based Intrusion Detection System for IoT Edge Devices," in IEEE Internet of Things Journal, vol. 7, no. 8, pp. 6882-6897, 2020.
S. Krishnaveni, S. Sivamohan, S. Sridhar, and S. Prabhakaran, “Network intrusion detection based on ensemble classification and feature selection method for cloud computing,” Concurrency and Computation: Practice and Experience, vol. 34, no. 11, p. e6838, 2022.
M. Prasad, S. Tripathi, and K. Dahal, "An efficient feature selection based Bayesian and Rough set approach for intrusion detection," Applied Soft Computing, vol. 87, p. 105980, 2020.
M. A. Siddiqi and W. Pak, "Optimizing filter-based feature selection method flow for intrusion detection system," Electronics, vol. 9, no. 12, p. 2114, 2020.
S. Aljawarneh, M. Aldwairi, and M. B. Yassein, "Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model," Journal of Computational Science, vol. 25, pp. 152-160, 2018.
Y. Xuan et al., "Multi-Model Fusion Short-Term Load Forecasting Based on Random Forest Feature Selection and Hybrid Neural Network," in IEEE Access, vol. 9, pp. 69002-69009, 2021.
X. -F. Song, Y. Zhang, Y. -N. Guo, X. -Y. Sun, and Y. -L. Wang, "Variable-Size Cooperative Coevolutionary Particle Swarm Optimization for Feature Selection on High-Dimensional Data," in IEEE Transactions on Evolutionary Computation, vol. 24, no. 5, pp. 882-895, 2020.
A. D. Li, B. Xue, and M. Zhang, “Improved binary particle swarm optimization for feature selection with new initialization and search space reduction strategies,” Applied Soft Computing, vol. 106, p. 107302, 2021.
A. Shahraki, M. Abbasi, and Ø. Haugen, “Boosting algorithms for network intrusion detection: A comparative evaluation of Real AdaBoost, Gentle AdaBoost and Modest AdaBoost,” Engineering Applications of Artificial Intelligence, vol. 94, p. 103770, 2020.
L. Ashiku and C. Dagli, "Network intrusion detection system using deep learning," Procedia Computer Science, vol. 185, pp. 239-247, 2021.
M. Masdari and H. Khezri, "Towards fuzzy anomaly detection-based security: a comprehensive review," Fuzzy Optimization and Decision Making, vol. 20, no. 1, pp. 1-49, 2021.
Z. Halim et al., "An effective genetic algorithm-based feature selection method for intrusion detection systems," Computers & Security, vol. 110, p. 102448, 2021.
S. Thakur, A. Chakraborty, R. De, N. Kumar, and R. Sarkar, "Intrusion detection in cyber-physical systems using a generic and domain specific deep autoencoder model," Computers & Electrical Engineering, vol. 91, p. 107044, 2021.
M. Samadi Bonab, A. Ghaffari, F. Soleimanian Gharehchopogh, and P. Alemi, "A wrapper‐based feature selection for improving performance of intrusion detection systems," International Journal of Communication Systems, vol. 33, no. 12, p. e4434, 2020.
A. Thakkar and R. Lohiya, "A survey on intrusion detection system: feature selection, model, performance measures, application perspective, challenges, and future research directions," Artificial Intelligence Review, vol. 55, no. 1, pp. 453-563, 2022.
S. M. Kasongo and Y. Sun, "Performance analysis of intrusion detection systems using a feature selection method on the UNSW-NB15 dataset," Journal of Big Data, vol. 7, pp. 1-20, 2020.
M. Prasad, R. K. Gupta, and S. Tripathi, "A multi-level correlation-based feature selection for intrusion detection," Arabian Journal for Science and Engineering, vol. 47, no. 8, pp. 10719-10729, 2022.
O. Osanaiye, O. Ogundile, F. Aina, and A. Periola, "Feature selection for intrusion detection system in a cluster-based heterogeneous wireless sensor network," Facta Universitatis, Series: Electronics and Energetics, vol. 32, no. 2, pp. 315-330, 2019.
M. Artur, "Review the performance of the Bernoulli Naïve Bayes Classifier in Intrusion Detection Systems using Recursive Feature Elimination with Cross-validated selection of the best number of features," Procedia computer science, vol. 190, pp. 564-570, 2021.
F. Moslehi and A. Haeri, "A novel hybrid wrapper–filter approach based on genetic algorithm, particle swarm optimization for feature subset selection," Journal of Ambient Intelligence and Humanized Computing, vol. 11, no. 3, pp. 1105-1127, 2020.
J. Gu and S. Lu, "An effective intrusion detection approach using SVM with naïve Bayes feature embedding," Computers & Security, vol. 103, p. 102158, 2021.
M. M. Hassan, A. Gumaei, A. Alsanad, M. Alrubaian, and G. Fortino, "A hybrid deep learning model for efficient intrusion detection in big data environment," Information Sciences, vol. 513, pp. 386-396, 2020.
K. Albulayhi, Q. Abu Al-Haija, S. A. Alsuhibany, A. A. Jillepalli, M. Ashrafuzzaman, and F. Sheldon, "IoT intrusion detection using machine learning with a novel high performing feature selection method," Applied Sciences, vol. 12, no. 10, p. 5015, 2022.
Y. Zhang, X. Shi, S. Zhang, and A. Abraham, "A XGBoost-Based Lane Change Prediction on Time Series Data Using Feature Engineering for Autopilot Vehicles," in IEEE Transactions on Intelligent Transportation Systems, vol. 23, no. 10, pp. 19187-19200, 2022.
M. A. Rahman et al., "Effective combining of feature selection techniques for machine learning-enabled IoT intrusion detection," Multimedia Tools and Applications, pp. 1-19, 2021.
R. Bhatia, S. Benno, J. Esteban, T. V. Lakshman, and J. Grogan, "Unsupervised machine learning for network-centric anomaly detection in IoT," In Proceedings of the 3rd acm conext workshop on big data, machine learning and artificial intelligence for data communication networks, pp. 42-48, 2019.
C. Khammassi and S. Krichen, "A GA-LR wrapper approach for feature selection in network intrusion detection," computers & security, vol. 70, pp. 255-277, 2017.
N. AlNuaimi, M. M. Masud, M. A. Serhani, and N. Zaki, "Streaming feature selection algorithms for big data: A survey," Applied Computing and Informatics, vol. 18, no. 1/2, pp. 113-135, 2020.
M. Gauthama Raman et al., "An efficient intrusion detection technique based on support vector machine and improved binary gravitational search algorithm," Artificial Intelligence Review, vol. 53, no. 5, pp. 3255-3286, 2020.
Y. Li, M. Jia, X. Han, and X. S. Bai, "Towards a comprehensive optimization of engine efficiency and emissions by coupling artificial neural network (ANN) with genetic algorithm (GA)," Energy, vol. 225, p. 120331, 2021.
B. Selvakumar and K. Muneeswaran, and Security, "Firefly algorithm based feature selection for network intrusion detection," Computers & Security, vol. 81, pp. 148-155, 2019.
K. A. Taher, B. M. Y. Jisan, and M. M. Rahman, "Network Intrusion Detection using Supervised Machine Learning Technique with Feature Selection," 2019 International Conference on Robotics, Electrical and Signal Processing Techniques (ICREST), pp. 643-646, 2019.
S. Mohammadi, H. Mirvaziri, M. Ghazizadeh-Ahsaee, and H. Karimipour, "Cyber intrusion detection by combined feature selection algorithm," Journal of information security and applications, vol. 44, pp. 80-88, 2019.
F. H. Almasoudy, W. L. Al-Yaseen, and A. K. Idrees, "Differential evolution wrapper feature selection for intrusion detection system," Procedia Computer Science, vol. 167, pp. 1230-1239, 2020.
K. Asghari, M. Masdari, F. S. Gharehchopogh, and R. Saneifard, "Multi‐swarm and chaotic whale‐particle swarm optimization algorithm with a selection method based on roulette wheel," Expert Systems, vol. 38, no. 8, p. e12779, 2021.
H. Li, X. Hu, X. Zhang, S. Wei, and Q. Luo, "Kinematic parameters calibration of industrial robot based on RWS-PSO algorithm," Proceedings of the Institution of Mechanical Engineers, Part C: Journal of Mechanical Engineering Science, vol. 237, no. 14, pp. 3210-3220, 2023.
B. Nouri-Moghaddam, M. Ghazanfari, and M. Fathian, "A novel multi-objective forest optimization algorithm for wrapper feature selection," Expert Systems with Applications, vol. 175, p. 114737, 2021.
Y. He et al., "A Sparse Protocol Parsing Method for IIoT Based on BPSO-vote-HMM Hybrid Model," in IEEE/ACM Transactions on Networking, vol. 31, no. 2, pp. 485-496, 2023.
S. Ajibade, "Particle Swarm Optimization with Chaotic Dynamic Weight for Feature Selection Enhancement," Engineering Technology and Management, vol. 1, no. 2, pp. 1-5, 2020.
S. -S. M. Ajibade, N. B. Binti Ahmad and A. Zainal, "A Hybrid Chaotic Particle Swarm Optimization with Differential Evolution for feature selection," 2020 IEEE Symposium on Industrial Electronics & Applications (ISIEA), pp. 1-6, 2020.
C. Bae, W.-C. Yeh, Y. Y. Chung, and S. L. Liu, "Feature selection with intelligent dynamic swarm and rough set," Expert Systems with Applications, vol. 37, no. 10, pp. 7026-7032, 2010.
S. Maheswari and K. Arunesh, " Unsupervised Binary BAT algorithm based Network Intrusion Detection System using enhanced multiple classifiers," in 2020 International Conference on Smart Electronics and Communication (ICOSEC), pp. 885-889, 2020.
N. M. Yusof, A. K. Muda, S. F. Pratama, and F. T. K. E. Elektronik, "A New Binary WOA-BAT Feature Selection Approach for Amphetamine-type Stimulants Drug Classification," Manuscript Editor, vol. 2021, p. 26, 2021.
W. Z. Al-Dyani, F. K. Ahmad, and S. S. Kamaruddin, "Binary Bat Algorithm for text feature selection in news events detection model using Markov clustering," Cogent Engineering, vol. 9, no. 1, p. 2010923, 2022.
N. Kunhare, R. Tiwari, and J. Dhar, "Intrusion detection system using hybrid classifiers with meta-heuristic algorithms for the optimization and feature selection by genetic algorithm," Computers and Electrical Engineering, vol. 103, p. 108383, 2022.
A. Al Nawasrah. Fast flux botnet detection based on adaptive dynamic evolving spiking neural network. University of Salford (United Kingdom), 2018.
F. Zhao, H. Li, K. Niu, J. Shi, and R. Song, “Application of deep learning-based intrusion detection system (IDS) in network anomaly traffic detection,” Appl. Comput. Eng, vol. 86, pp. 231-237, 2024.
A. Almomani, A. Al-Nawasrah, W. Alomoush, M. Al-Abweh, A. Alrosan, and B. B. Gupta, "Information management and IoT technology for safety and security of smart home and farm systems," Journal of Global Information Management (JGIM), vol. 29, no. 6, pp. 1-23, 2021.
A. Nazir and R. A. Khan, “A novel combinatorial optimization based feature selection method for network intrusion detection,” Computers & Security, vol. 102, p. 102164, 2021.
S. Baghirzada. Feature Selection with Improved Mountain Gazelle Optimizer Algorithm for Intrusion Detection Systems. (Master's thesis, Khazar University (Azerbaijan)), 2024.
K. Bian and R. Priyadarshi, “Machine learning optimization techniques: a Survey, classification, challenges, and Future Research Issues,” Archives of Computational Methods in Engineering, pp. 1-25, 2024.
M. Cherrington, D. Airehrour, J. Lu, F. Thabtah, Q. Xu, and S. Madanian, "Particle Swarm Optimization for Feature Selection: A Review of Filter-based Classification to Identify Challenges and Opportunities," 2019 IEEE 10th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), pp. 0523-0529, 2019, doi: 10.1109/IEMCON.2019.8936185.
A. Pawar and N. Tiwari, “A Novel Approach of DDOS Attack Classification with Optimizing the Ensemble Classifier Using A Hybrid Firefly and Particle Swarm Optimization (HFPSO),” International Journal of Intelligent Engineering & Systems, vol. 16, no. 4, 2023.
M. A. Shyaa, N. F. Ibrahim, Z. Zainol, R. Abdullah, M. Anbar, and L. Alzubaidi, “Evolving cybersecurity frontiers: A comprehensive survey on concept drift and feature dynamics aware machine and deep learning in intrusion detection systems,” Engineering Applications of Artificial Intelligence, vol. 137, p. 109143, 2024.
S. He, Q. H. Wu, and J. R. Saunders, "Group Search Optimizer: An Optimization Algorithm Inspired by Animal Searching Behavior," in IEEE Transactions on Evolutionary Computation, vol. 13, no. 5, pp. 973-990, Oct. 2009, doi: 10.1109/TEVC.2009.2011992.
E. Cuevas, M. Cienfuegos, D. Zaldívar, and M. Pérez-Cisneros, “A swarm optimization algorithm inspired in the behavior of the social-spider,” Expert Systems with Applications, vol. 40, no. 16, pp. 6374-6384, 2013.
M. Heigl, E. Weigelt, D. Fiala, and M. Schramm, “Unsupervised feature selection for outlier detection on streaming data to enhance network security,” Applied Sciences, vol. 11, no. 24, p. 12073, 2021.
Y. Zheng, Z. Li, X. Xu, and Q. Zhao, “Dynamic defenses in cyber security: Techniques, methods and challenges,” Digital Communications and Networks, vol. 8, no. 4, pp. 422-435, 2022.
I. K. Thajeel, K. Samsudin, S. J. Hashim, and F. Hashim, “Dynamic feature selection model for adaptive cross site scripting attack detection using developed multi-agent deep Q learning model,” Journal of King Saud University-Computer and Information Sciences, vol. 35, no. 6, p. 101490, 2023.
A. I. Madbouly and T. M. Barakat, “Enhanced relevant feature selection model for intrusion detection systems,” International Journal of Intelligent Engineering Informatics, vol. 4, no. 1, pp. 21-45, 2016.
M. Torabi, N. I. Udzir, M. T. Abdullah, and R. Yaakob, “A review on feature selection and ensemble techniques for intrusion detection system,” International Journal of Advanced Computer Science and Applications, vol. 12, no. 5, 2021.
S. Alabdulwahab and B. Moon, “Feature selection methods simultaneously improve the detection accuracy and model building time of machine learning classifiers,” Symmetry, vol. 12, no. 9, p. 1424, 2020.
A. Alazab, M. Hobbs, J. Abawajy, and M. Alazab, "Using feature selection for intrusion detection system," 2012 International Symposium on Communications and Information Technologies (ISCIT), pp. 296-301, 2012, doi: 10.1109/ISCIT.2012.6380910.
L. Brezočnik, I. Fister Jr, and V. Podgorelec, “Swarm intelligence algorithms for feature selection: a review,” Applied Sciences, vol. 8, no. 9, p. 1521, 2018.
Y. Zhou, G. Cheng, S. Jiang, and M. Dai, “Building an efficient intrusion detection system based on feature selection and ensemble classifier,” Computer networks, vol. 174, p. 107247, 2020.
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Moaad Abdulaziz Almania
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
This journal is based on the work at https://journal.umy.ac.id/index.php/jrc under license from Creative Commons Attribution-ShareAlike 4.0 International License. You are free to:
- Share – copy and redistribute the material in any medium or format.
- Adapt – remix, transform, and build upon the material for any purpose, even comercially.
The licensor cannot revoke these freedoms as long as you follow the license terms, which include the following:
- Attribution. You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- ShareAlike. If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
- No additional restrictions. You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
• Creative Commons Attribution-ShareAlike (CC BY-SA)
JRC is licensed under an International License
