Network Intrusion Detection System Using PCA by Lp-Norm Maximization Based on Conjugate Gradient

Abstract

Due to the fast growing of computer networks the potential for attacking those networks also became important. Therefore, all enterprises should implement various systems that supervise their network infrastructure security. To detect any eventual attacks, many Intrusion Detection Systems (IDSs) have been used in recent years. However, the most of them operate more often on enormous network traffic data with multiple redundant features. As a result, the IDS generates a high false alarms rate, which makes the intrusion detection inefficient and imprecise. To overcome that, several techniques for data dimensionality reduction have been proposed, such as Principal Component Analysis (PCA). Nonetheless, the classical PCA approach that is based on the L2-norm maximization is very sensitive to outliers. As a solution to this weakness, we propose to introduce a new variant of PCA called PCA Lp-norm using conjugate gradient algorithm to solve the Lp-norm optimization problem. The main idea behind this new method relies on the Lp-norm, which is more robust to the presence of outliers in data. Extensive experiments on two well-known datasets namely KDDcup99 and NSL-KDD prove the effectiveness of the proposed approach in terms of network attacks detection, false alarms reduction and CPU time minimization.