Features selection for intrusion detection systems based on support vector machines

  • Authors:

  • Safaa Zaman;Fakhri Karray

  • Affiliations:

  • ECE Department, University of Waterloo, Waterloo, ON, CA;ECE Department, University of Waterloo, Waterloo, ON, CA

  • Venue:
  • CCNC'09 Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference
  • Year:
  • 2009

Quantified Score

Hi-index 0.01

Visualization

Abstract

Intrusion detection systems (IDSs) deal with large amounts of data containing irrelevant and/or redundant features. These features result in a slow training and testing process, heavy computational resources, and low detection accuracy. Features selection, therefore, is an important issue in IDSs. A reduced features set improves system accuracy and speeds up the training and testing process considerably. In this paper, we propose a novel and simple method-Enhanced Support Vector Decision Function (ESVDF)-for features selection. This method selects features based on two important factors: the feature's rank (weight), which is calculated using Support Vector Decision Function (SVDF), and the correlation between the features, which is determined by either the Forward Selection Ranking (FSR) or Backward Elimination Ranking (BER) algorithm. Our method significantly decreases training and testing times without loss in detection accuracy. Moreover, it selects the features set independently of the classifier used. We have examined the feasibility of our approach by conducting several experiments using the DARPA dataset. The experimental results indicate that the proposed algorithms can deliver satisfactory results in terms of classification accuracy, training time, and testing time.