Classification of cyber attacks based on rough set theory

The rapidly rising usage of telecommunication and information networks which inter-connect modern society through computers, smart phones and other electronic devices has led to security threats and cyber-crimes (CC) activities. These cybercrime activities has ultimately resulted in CC attack classification as a serious problem in network security domain while machine learning has been subjected to extensive research area in intrusion classification with emphasis on improving the rate of classifier´s accuracy or improving the data mining model performance. This study is another attempt, using rough set theory (RST), a rule based decision making approach to extract rules for intrusion attacks classification. Experiments were performed on publicly available data to explore the performance of four different algorithms e.g. genetic algorithm, covering algorithm, LEM2 and Exhaustive algorithms. It is observed that RST classification based on genetic algorithm for rules generation yields best performance as compared to other mentioned rules generation algorithms. Moreover, by applying the proposed technique on publicly available dataset about intrusion attacks, the results show that the proposed approach can fully predict all intrusion attacks and also provides prior useful information to the security engineers or developers to conduct a mandating action.