Similarity-based classification using specific features in network intrusion detection

Authors:
Anazida Zainal;Mohd Aizaini Maarof;Siti Mariyam Shamsuddin
Affiliations:
Universiti Teknologi Malaysia, Skudai, Johor, Malaysia;Universiti Teknologi Malaysia, Skudai, Johor, Malaysia;Universiti Teknologi Malaysia, Skudai, Johor, Malaysia
Venue:
AsiaCSN '08 Proceedings of the Fifth IASTED International Conference on Communication Systems and Networks
Year:
2008

Citing 9
Cited 0

The base-rate fallacy and the difficulty of intrusion detection

ACM Transactions on Information and System Security (TISSEC)
Decision tree classifier for network intrusion detection with GA-based feature selection

Proceedings of the 43rd annual Southeast regional conference - Volume 2
Intrusion detection in computer networks by a modular ensemble of one-class classifiers

Information Fusion
Feature selection using rough-DPSO in anomaly intrusion detection

ICCSA'07 Proceedings of the 2007 international conference on Computational science and its applications - Volume Part I
Kernel PCA based network intrusion feature extraction and detection using SVM

ICNC'05 Proceedings of the First international conference on Advances in Natural Computation - Volume Part II
The feature selection and intrusion detection problems

ASIAN'04 Proceedings of the 9th Asian Computing Science conference on Advances in Computer Science: dedicated to Jean-Louis Lassez on the Occasion of His 5th Cycle Birthday
Analysis of three intrusion detection system benchmark datasets using machine learning algorithms

ISI'05 Proceedings of the 2005 IEEE international conference on Intelligence and Security Informatics
Using attack-specific feature subsets for network intrusion detection

AI'06 Proceedings of the 19th Australian joint conference on Artificial Intelligence: advances in Artificial Intelligence
Anomaly detection methods in wired networks: a survey and taxonomy

Computer Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

One of a major challenge in IDS is to discover the intrusive patterns which are normally hidden in abundant of data. Furthermore, it has many features. Some of the features are redundant and some are less significant and they contribute little to the detection process. The purpose of this study is to identify an optimum number of significant features that can represent each category; Normal, Probe, U2R, R2L and DoS. Here, we deployed hierarchical feature selection approach and used similarity-based classification (Kohonen Self-Organizing Map) to classify an input data into their respective categories. Performance was measured based on their correct classification. Empirical results suggest that there is no generic feature subset which is suitable to represent all categories. Instead, different categories are best represented using different feature subsets.