Abstract
Time taken by Intrusion Detection System (IDS) in order to detect malwares is very crucial factor. Network traffic dataset have many features and all may not contribute in detection of threats. Rejecting irrelevant features may increase performance of IDS by reducing computational time. In this paper, feature selection techniques based on Gain ratio attribute, Correlation feature selection, Chi Squared attribute, Consistency subset, Filtered attribute, Filtered subset, Information gain attribute, One RA attribute and Symmetrical Uncert attribute evaluation are tested on three classifiers (Naïve Bayes, J48 and PART) by using Weka data mining and machine learning tool on UCI KDD CUP 1999 network traffic dataset. The feature selection methods are analyzed on parameters like accuracy, number of features selected out of total features, time taken, TP rate and FP rate. The result shows that almost same level of accuracy can be achieved by reducing number of features considerably which also takes less computational time to detect threats. Filtered subset evaluation comes out to be best technique which suggests only 17.07 % of total features. Hence it is proposed that reduced number of features should be used in IDS for the quick detection of threats.
Original language | English |
---|---|
Title of host publication | International Conference on Machine Intelligence and Research Advancement (ICMIRA) |
Place of Publication | Piscataway, NJ |
Publisher | IEEE |
ISBN (Electronic) | 978-0-7695-5013-8 |
DOIs | |
Publication status | Published - 9 Oct 2014 |