• DocumentCode
    3277173
  • Title

    An evaluation of feature selection and reduction algorithms for network IDS data

  • Author

    Bjerkestrand, Therese ; Tsaptsinos, Dimitris ; Pfluegel, Eckhard

  • Author_Institution
    Fac. of SEC, Kingston Univ., Kingston upon Thames, UK
  • fYear
    2015
  • fDate
    8-9 June 2015
  • Firstpage
    1
  • Lastpage
    2
  • Abstract
    Intrusion detection is concerned with monitoring and analysing events occurring in a computer system in order to discover potential malicious activity. Data mining, which is part of the procedure of knowledge discovery in databases, is the process of analysing the collected data to find patterns or correlations. As the amount of data collected, store and processed only increases, so does the significance and importance of intrusion detection and data mining. A dataset that has been particularly exposed to research is the dataset used for the Third International Knowledge Discovery and Data Mining Tools competition, KDD99. The KDD99 dataset has been used to identify what data mining techniques relate to certain attack and employed to demonstrate that decision trees are more efficient than the Naïve Bayes model when it comes to detecting new attacks. When it comes to detecting network intrusions, the C4.5 algorithm performs better than SVM. The aim of our research is to evaluate and compare the usage of various feature selection and reduction algorithms against publicly available datasets. In this contribution, the focus is on feature selection and reduction algorithms. Three feature selection algorithms, consisting of an attribute evaluator and a test method, have been used. Initial results indicate that the performance of the classifier is unaffected by reducing the number of attributes.
  • Keywords
    Bayes methods; data mining; decision trees; feature selection; security of data; C4.5 algorithm; KDD99 dataset; SVM; computer system; data mining technique; decision tree; feature selection; intrusion detection; naive Bayes model; network IDS data; network intrusion; potential malicious activity; reduction algorithm; third international knowledge discovery and data mining tools competition; Algorithm design and analysis; Classification algorithms; Data mining; Databases; Intrusion detection; Knowledge discovery; Training; KDD dataset; data mining; feature selection and reduction; intrusion detection; knowledge discovery;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on
  • Conference_Location
    London
  • Type

    conf

  • DOI
    10.1109/CyberSA.2015.7166129
  • Filename
    7166129