Brasil
| Actas de congresos
Identifying important characteristics in the KDD99 intrusion detection dataset by feature selection using a hybrid approach
Fecha
2010-07-19Registro en:
ICT 2010: 2010 17th International Conference on Telecommunications, p. 552-558.
10.1109/ICTEL.2010.5478852
2-s2.0-77954556689
Autor
Federal University of Mato Grosso
Federal Institute of Mato Grosso
Universidade Estadual Paulista (UNESP)
Purdue University
Institución
Resumen
Intrusion detection datasets play a key role in fine tuning Intrusion Detection Systems (IDSs). Using such datasets one can distinguish between regular and anomalous behavior of a given node in the network. To build this dataset is not straightforward, though, as only the most significant features of the collected data for detecting the node's behavior should be considered. We propose in this paper a technique for selecting relevant features out of KDD99 using a hybrid approach toward an optimal subset of features. Unlike existing work that only detect attack or no attack conditions, our approach efficiently identifies which sort of attack each register in the dataset refers to. The evaluation results show that the optimized subset of features can improve performance of typical IDSs. © 2009 IEEE.