Identifying important characteristics in the KDD99 intrusion detection dataset by feature selection using a hybrid approach

Author

Araujo, Nelcileno ; De Oliveira, Ruy ; Ferreira, Ed´Wilson ; Shinoda, Ailton Akira ; Bhargava, Bharat

Author_Institution

Inst. of Comput., Fed. Univ. of Mato, Cuiaba, Brazil

fYear

2010

fDate

4-7 April 2010

Firstpage

552

Lastpage

558

Abstract

Intrusion detection datasets play a key role in fine tuning Intrusion Detection Systems (IDSs). Using such datasets one can distinguish between regular and anomalous behavior of a given node in the network. To build this dataset is not straightforward, though, as only the most significant features of the collected data for detecting the node´s behavior should be considered. We propose in this paper a technique for selecting relevant features out of KDD99 using a hybrid approach toward an optimal subset of features. Unlike existing work that only detect attack or no attack conditions, our approach efficiently identifies which sort of attack each register in the dataset refers to. The evaluation results show that the optimized subset of features can improve performance of typical IDSs.

Keywords

security of data; KDD99; feature selection; intrusion detection dataset; Computer science; Computer vision; Data mining; Data security; Databases; Informatics; Intelligent networks; Intrusion detection; Pattern recognition; Telecommunication computing; Hybrid Approach; Information Gain Ratio; K-Means; KDD99. Feature Selection;

fLanguage

English

Publisher

ieee

Conference_Titel

Telecommunications (ICT), 2010 IEEE 17th International Conference on

Conference_Location

Doha

Print_ISBN

978-1-4244-5246-0

Electronic_ISBN

978-1-4244-5247-7

Type

conf

DOI

10.1109/ICTEL.2010.5478852

Filename

5478852