A Novel Feature Selection for Intrusion Detection in Virtual Machine Environments
暂无分享,去创建一个
Intrusion detection systems (IDSs) are continuously evolving, with the goal of improving the security of computer infrastructures. However, one of the most significant challenges in this area is the poor detection rate, due to the presence of excessive features in a data set whose class distributions are imbalanced. Despite the relatively long existence and the promising nature of feature selection methods, most of them fail to account for imbalance class distributions, particularly, for intrusion data, leading to poor predictions for minority class samples. In this paper, we propose a new feature selection algorithm to enhance the accuracy of IDS of virtual server environments. Our algorithm assigns weights to subsets of features according to the maximized area under the ROC curve (AUC) margin it induces during the boosting process over the minority and the majority examples. The best subset of features is then selected by a greedy search strategy. The empirical experiments are carried out on multiple intrusion data sets using different commercial virtual appliances and real malwares.
[1] Ron Kohavi,et al. Wrappers for Feature Subset Selection , 1997, Artif. Intell..
[2] Rohini K. Srihari,et al. Feature selection for text categorization on imbalanced data , 2004, SKDD.
[3] Jennifer G. Dy,et al. Effective Virtual Machine Monitor Intrusion Detection Using Feature Selection on Highly Imbalanced Data , 2010, 2010 Ninth International Conference on Machine Learning and Applications.
[4] Yoav Freund,et al. Experiments with a New Boosting Algorithm , 1996, ICML.