Relevant Feature Selection Model Using Data Mining for Intrusion Detection System

  title={Relevant Feature Selection Model Using Data Mining for Intrusion Detection System},
  author={Ayman I. Madbouly and Amr M. Gody and Tamer M. Barakat},
Abstract — Network intrusions have become a significant threat in recent years as a result of the increased demand of computer networks for critical systems. Intrusion detection system (IDS) has been widely deployed as a defense measure for computer networks. Features extracted from network traffic can be used as sign to detect anomalies. However with the huge amount of network traffic, collected data contains irrelevant and redundant features that affect the detection rate of the IDS, consumes… 

Figures and Tables from this paper

Enhanced relevant feature selection model for intrusion detection systems

An enhanced model is proposed to increase attacks detection accuracy and to improve overall system performance and the results showed that, the enhanced model could efficiently achieves high detection rate, high performance rate, low false alarm rate, and fast and reliable detection process.

Model for Intrusion Detection Based on Hybrid Feature Selection Techniques

  • Joseph Mbugua Chahira
  • Computer Science
    International Journal of Computer Applications Technology and Research
  • 2020
A new feature selection model is proposed based on hybrid feature selection techniques (information gain, correlation, chi squere and gain ratio) and Principal Component Analysis (PCA) for feature reduction and the experimental results showed that the proposed model improves the detection rates and also speed up the detection process.

Identifying Generic Features of KDD Cup 1999 for Intrusion Detection

A new approach is proposed to analyze the researches that have been conducted on KDD cup 1999 for features selection to define the possibility of determining effective generic features of the common dataset KDD Cup 1999 for constructing an efficient classification model.

A genetic clustering technique for Anomaly-based Intrusion Detection Systems

  • Naila Belhadj AissaM. Guerroumi
  • Computer Science
    2015 IEEE/ACIS 16th International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD)
  • 2015
This paper proposes a clustering-based detection technique using a genetic algorithm named Genetic Clustering for Anomaly-based Detection (GC-AD), which applies a genetic process where each chromosome represents the centroids of the k clusters.

An Optimised Approach for Intrusion Detection in KDD CUP 99 Dataset Using KNN & GA

A modified data mining classification technique is proposed which helps to improve higher intrusion detection rate and the simulation result of the proposed system for the accuracy parameter is improved than the existing system.

An Intrusion Detection System using KNN-ACO Algorithm

This paper proposes a SVM and KNN-ACO method for the intrusion detection and the analysis of this is perform using KDD1999 Cup dataset, which shows improved precision and concentrated false alarm rate when matched with existing algorithms.

A new hybrid approach for intrusion detection using machine learning methods

It has been shown that the proposedIDS has high accuracy and a low false positive rates in all attack types.

A Hybrid Approach for the Analysis of Feature Selection using Information Gain and BAT Techniques on The Anomaly Detection

Random Forest algorithm emerges as the best classifier for feature selection technique and scores over others by virtue of its accuracy in optimal selection of features.

Intrusion Detection in Computer Networks Using Combination of Machine Learning Techniques

A hybrid approach is proposed which operates on the combined output of the classifier which shows the superiority of the proposed method with 97% efficiency using J48 learning algorithm and Adaboost classification by reducing the dimension IG method (feature selection).

An Enhanced Genetic Algorithm based Intrusion Detection System for detection of Denial –of-Service Attacks

An improved and modified version of Genetic Algorithm for network anomaly detection and a soft computing approach for rule generation to make it more efficient as compared to the hard computing rule generation method used in the existing genetic algorithm.



Analysis of KDD '99 Intrusion Detection Dataset for Selection of Relevance Features

Rough set degree of dependency and dependency ratio of each class were employed to determine the most discriminating features for each class and empirical results show that seven features were not relevant in the detection of any class.

Application of Data Mining to Network Intrusion Detection: Classifier Selection Model

Evaluated performance of a comprehensive set of classifier algorithms using KDD99 dataset indicates that noticeable performance improvement and real-time intrusion detection can be achieved as the proposed models to detect different kinds of network attacks are applied.


Relevance feature selection with data cleaning for intrusion detection system

The approach presented in this paper leads to a selection of most relevance features and it is expected that the intrusion detection research using KDD'99-based datasets will benefit from the good understanding of network features and their influences to attacks.

Identifying important features for intrusion detection using support vector machines and neural networks

  • A. SungS. Mukkamala
  • Computer Science
    2003 Symposium on Applications and the Internet, 2003. Proceedings.
  • 2003
This paper applies the technique of deleting one feature at a time to perform experiments on SVMs and neural networks to rank the importance of input features for the DARPA collected intrusion data and shows that SVM-based and neural network based IDSs using a reduced number of features can deliver enhanced or comparable performance.

Classifying the Network Intrusion Attacks using Data Mining Classification Methods and their Performance Comparison

The idea of applying data mining classification techniques to intrusion detection systems to maximize the effectiveness in identifying attacks, thereby helping the users to construct more secure information systems is presented.

A data mining framework for building intrusion detection models

  • Wenke LeeS. StolfoK. Mok
  • Computer Science
    Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)
  • 1999
A data mining framework for adaptively building Intrusion Detection (ID) models is described, to utilize auditing programs to extract an extensive set of features that describe each network connection or host session, and apply data mining programs to learn rules that accurately capture the behavior of intrusions and normal activities.

Feature deduction and ensemble design of intrusion detection systems