Lightweight Intrusion Detection System Based on Feature Selection

The intrusion detection system based on feature selection deals with huge amount of data which contains redundant and noisy features causing slow training and testing process, high resource consumption as well as poor detection rate. Feature selection, therefore, is an important issue in intrusion detection and it can delete redundant and noisy features. In order to improve performances of intrusion detection system in terms of detection speed and detection rate, a survey of intrusion detection system based on feature selection is necessary. This paper introduces the concepts and algorithms of feature selection, surveys the existing lightweight intrusion detection systems based on feature selection algorithms, groups and compares different systems in three broad categories: filter, wrapper, and hybrid. This paper concludes the survey by identifying trends of feature selection research and development in intrusion detection system. Feature selection is not only useful for intrusion detection system, but also helpful to provide a new research direction for intrusion detection system.

[1]  Jay N. Bhuyan,et al.  A combination of genetic algorithm and simulated evolution techniques for clustering , 1995, CSC '95.

[2]  Dong Seong Kim,et al.  Network-Based Intrusion Detection with Support Vector Machines , 2003, ICOIN.

[3]  Thorsten Joachims,et al.  Making large scale SVM learning practical , 1998 .

[4]  Keinosuke Fukunaga,et al.  A Branch and Bound Algorithm for Feature Subset Selection , 1977, IEEE Transactions on Computers.

[5]  Robert Beverly,et al.  SVM learning of IP address structure for latency prediction , 2006, MineNet '06.

[6]  Thomas G. Dietterich,et al.  Learning Boolean Concepts in the Presence of Many Irrelevant Features , 1994, Artif. Intell..

[7]  James R. Gattiker,et al.  Anomaly Detection Enhanced Classification in Computer Intrusion Detection , 2002, SVM.

[8]  Li Guo,et al.  Building Efficient Intrusion Detection Model Based on Principal Component Analysis and C4.5 , 2006, 2006 International Conference on Communication Technology.

[9]  Ron Kohavi,et al.  Wrappers for Feature Subset Selection , 1997, Artif. Intell..

[10]  Li Guo,et al.  Survey and Taxonomy of Feature Selection Algorithms in Intrusion Detection System , 2006, Inscrypt.

[11]  Huan Liu,et al.  Efficient Feature Selection via Analysis of Relevance and Redundancy , 2004, J. Mach. Learn. Res..

[12]  Jim Alves-Foss,et al.  NATE: Network Analysis ofAnomalousTrafficEvents, a low-cost approach , 2001 .

[13]  Huan Liu,et al.  Toward integrating feature selection algorithms for classification and clustering , 2005, IEEE Transactions on Knowledge and Data Engineering.

[14]  Alan S. Perelson,et al.  Self-nonself discrimination in a computer , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[15]  Sanmay Das,et al.  Filters, Wrappers and a Boosting-Based Hybrid for Feature Selection , 2001, ICML.

[16]  Jim Alves-Foss,et al.  NATE: Network Analysis of Anomalous Traffic Events, a low-cost approach , 2001, NSPW '01.

[17]  Mark A. Hall,et al.  Correlation-based Feature Selection for Discrete and Numeric Class Machine Learning , 1999, ICML.

[18]  Huan Liu,et al.  A Probabilistic Approach to Feature Selection - A Filter Solution , 1996, ICML.

[19]  Dong Seong Kim,et al.  Toward Modeling Lightweight Intrusion Detection System Through Correlation-Based Hybrid Feature Selection , 2005, CISC.

[20]  Henri Luchian,et al.  A Study of Adaptation and Random Search in Genetic Algorithms , 2006, 2006 IEEE International Conference on Evolutionary Computation.

[21]  Shian-Shyong Tseng,et al.  A two-phase feature selection method using both filter and wrapper , 1999, IEEE SMC'99 Conference Proceedings. 1999 IEEE International Conference on Systems, Man, and Cybernetics (Cat. No.99CH37028).

[22]  Eric A. Hansen,et al.  Breadth-first heuristic search , 2004, Artif. Intell..

[23]  Yang Shao-quan,et al.  An Intrusion Detection System Based on Support Vector Machine , 2003 .

[24]  A.H. Sung,et al.  Identifying important features for intrusion detection using support vector machines and neural networks , 2003, 2003 Symposium on Applications and the Internet, 2003. Proceedings..

[25]  Dong Seong Kim,et al.  Fusions of GA and SVM for Anomaly Detection in Intrusion Detection System , 2005, ISNN.

[26]  Lydia E. Kavraki,et al.  A dimensionality reduction approach to modeling protein flexibility , 2002, RECOMB '02.

[27]  Franco Turini,et al.  DrC4.5: Improving C4.5 by means of prior knowledge , 2005, SAC '05.

[28]  Russell Reed,et al.  Pruning algorithms-a survey , 1993, IEEE Trans. Neural Networks.