Feature Selection for Modeling Intrusion Detection

Feature selection is always beneficial to the field like Intrusion Detection, where vast amount of features extracted from network traffic needs to be analysed. All features extracted are not informative and some of them are redundant also. We investigated the performance of three feature selection algorithms Chi- square, Information Gain based and Correlation based with Naive Bayes (NB) and Decision Table Majority Classifier. Empirical results show that significant feature selection can help to design an IDS that is lightweight, efficient and effective for real world detection systems. Index Terms—Feature selection, network intrusion detection system, decision table majority, naive Bayesian classification.

[1]  Ajith Abraham,et al.  Intrusion Detection Using Ensemble of Soft Computing Paradigms , 2003 .

[2]  David G. Stork,et al.  Pattern Classification , 1973 .

[3]  A.H. Sung,et al.  Identifying important features for intrusion detection using support vector machines and neural networks , 2003, 2003 Symposium on Applications and the Internet, 2003. Proceedings..

[4]  Yiming Yang,et al.  A Comparative Study on Feature Selection in Text Categorization , 1997, ICML.

[5]  David G. Stork,et al.  Pattern classification, 2nd Edition , 2000 .

[6]  Zied Elouedi,et al.  Naive Bayes vs decision trees in intrusion detection systems , 2004, SAC '04.

[7]  Lloyd A. Smith,et al.  Feature Selection for Machine Learning: Comparing a Correlation-Based Filter Approach to the Wrapper , 1999, FLAIRS.

[8]  Boqin Feng,et al.  An Effective Data Classification Algorithm Based on the Decision Table Grid , 2008, Seventh IEEE/ACIS International Conference on Computer and Information Science (icis 2008).

[9]  Susan M. Bridges,et al.  Mining fuzzy association rules and fuzzy frequency episodes for intrusion detection , 2000, Int. J. Intell. Syst..

[10]  Salvatore J. Stolfo,et al.  A data mining framework for building intrusion detection models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[11]  Jaideep Srivastava,et al.  A Comparative Study of Anomaly Detection Schemes in Network Intrusion Detection , 2003, SDM.

[12]  Ron Kohavi,et al.  The Power of Decision Tables , 1995, ECML.

[13]  David G. Stork,et al.  Pattern Classification (2nd ed.) , 1999 .

[14]  Eleazar Eskin,et al.  A GEOMETRIC FRAMEWORK FOR UNSUPERVISED ANOMALY DETECTION: DETECTING INTRUSIONS IN UNLABELED DATA , 2002 .

[15]  Monark Bag,et al.  Cascading of C4.5 Decision Tree and Support Vector Machine for Rule Based Intrusion Detection System , 2012 .