Document Type : Research Paper
Authors
1 computer science , university of technology
2 Computer science department, university of technology, iraq
3 computer science, university of technology
Abstract
Computer worms execute damaging functions in the network systems, compromising system security. Although researchers use a variety of methods to detect worms and prevent their spread. Detecting worms remains a challenge for the following reasons: First, a huge volume of irrelevant data affects classification accuracy. Second, frequently used individual classifiers in systems are poor at detecting all types of worms, Third, many systems are built on out-of-date information, rendering them useless for new worm species. As a result, providing a network intrusion detection system is vital for ensuring security and reducing the harm caused by worms on networks to information systems. The goal of the study is to discover computer worms in the computer networks and protect the systems from their damages. The proposed method uses the UNSW NB15 dataset to train and test the ensemble Ada boosting and Bagging algorithms with the Support Vector Nachine (SVM) as a contribution rather than a decision tree. Due to Correlation Feature Selection (CFS) identifying relationships between features and classes, and Chi-square (Chi2) determining whether features and classes are independent or not, we combined these two algorithms as a contribution in a method called CFS&Chi2fs to select the relevant features and reduce the time. The system achieved accuracy reaching 0.998 with Bagging(SVM), and 0.989 with Ada boost(SVM).
Keywords
Main Subjects
)
