Title :
Identification of effective network features for probing attack detection
Author :
Zargar, Gholam Reza ; Kabiri, Peyman
Author_Institution :
Sch. of Comput. Eng., Iran's Univ. of Sci. & Technol., Tehran, Iran
Abstract :
Existing intrusion detection techniques emphasize building an intrusion detection model based on all the features provided. But not all the features are relevant, and some of them are redundant and useless. This paper proposes and investigates the identification of effective network features for probing attack detection, using the PCA method to determine an optimal feature set. An appropriate feature set helps to build an efficient decision model as well as a reduced feature set. Feature reduction will speed up the training and testing processes considerably. The DARPA 1998 dataset was used in the experiments as the test data. Experimental results show a reduction in training and testing time while maintaining the detection accuracy within an acceptable range.
Keywords :
decision theory; principal component analysis; security of data; DARPA 1998 dataset; attack detection probing; decision model; feature reduction; intrusion detection technique; principal component analysis; Computational efficiency; Computer networks; Filters; Humans; Intrusion detection; Monitoring; Principal component analysis; Statistical analysis; System testing; TCPIP;
Conference_Title :
Networked Digital Technologies, 2009. NDT '09. First International Conference on
Conference_Location :
Ostrava
Print_ISBN :
978-1-4244-4614-8
Electronic_ISBN :
978-1-4244-4615-5
DOI :
10.1109/NDT.2009.5272124