Selection of effective network parameters in attacks for intrusion detection

Authors:
Gholam Reza Zargar;Peyman Kabiri
Affiliations:
Khouzestan Electric Power Distribution Company, Ahwaz, Iran;Iran University of Science and Technology, Intelligent Automation Laboratory, School of Computer Engineering, Tehran, Iran
Venue:
ICDM'10 Proceedings of the 10th industrial conference on Advances in data mining: applications and theoretical aspects
Year:
2010

Citing 11
Cited 1

The nature of statistical learning theory

The nature of statistical learning theory
Automatic subspace clustering of high dimensional data for data mining applications

SIGMOD '98 Proceedings of the 1998 ACM SIGMOD international conference on Management of data
Feature Subset Selection by Neuro-rough Hybridization

RSCTC '00 Revised Papers from the Second International Conference on Rough Sets and Current Trends in Computing
Identifying Important Features for Intrusion Detection Using Support Vector Machines and Neural Networks

SAINT '03 Proceedings of the 2003 Symposium on Applications and the Internet
Analysis of a Denial of Service Attack on TCP

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A data mining framework for constructing features and models for intrusion detection systems (computer security, network security)

A data mining framework for constructing features and models for intrusion detection systems (computer security, network security)
An introduction to variable and feature selection

The Journal of Machine Learning Research
Data Mining: Concepts and Techniques

Data Mining: Concepts and Techniques
Intrusion Detection with Data Correlation Relation Graph

ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Intrusion Detection: A Survey

ICSNC '08 Proceedings of the 2008 Third International Conference on Systems and Networks Communications
The feature selection and intrusion detection problems

ASIAN'04 Proceedings of the 9th Asian Computing Science conference on Advances in Computer Science: dedicated to Jean-Louis Lassez on the Occasion of His 5th Cycle Birthday

Network intrusion prevention by using hierarchical self-organizing maps and probability-based labeling

IWANN'11 Proceedings of the 11th international conference on Artificial neural networks conference on Advances in computational intelligence - Volume Part I

Quantified Score

Hi-index	0.00

Visualization

Abstract

Current Intrusion Detection Systems (IDS) examine a large number of data features to detect intrusion or misuse patterns. Some of the features may be redundant or with a little contribution to the detection process. The purpose of this study is to identify important input features in building an IDS that are computationally efficient and effective. This paper proposes and investigates a selection of effective network parameters for detecting network intrusions that are extracted from Tcpdump DARPA1998 dataset. Here PCA method is used to determine an optimal feature set. An appropriate feature set helps to build efficient decision model as well as to reduce the population of the feature set. Feature reduction will speed up the training and the testing process for the attack identification system considerably. Tcpdump of DARPA1998 intrusion dataset was used in the experiments as the test data. Experimental results indicate a reduction in training and testing time while maintaining the detection accuracy within tolerable range.