Application of the generic feature selection measure in detection of web attacks
CISIS'11 Proceedings of the 4th international conference on Computational intelligence in security for information systems
Feature selection for detection of peer-to-peer botnet traffic
Proceedings of the 6th ACM India Computing Convention
Hi-index | 0.00 |
Performance of a pattern recognition system depends strongly on the employed feature-selection method. We perform an in-depth analysis of two main measures used in the filter model: the correlation-feature-selection (CFS) measure and the minimal-redundancy-maximal-relevance (mRMR) measure. We show that these measures can be fused and generalized into a generic feature-selection (GeFS) measure. Further on, we propose a new feature-selection method that ensures globally optimal feature sets. The new approach is based on solving a mixed 0-1 linear programming problem (M01LP) by using the branch-and-bound algorithm. In this M01LP problem, the number of constraints and variables is linear ($O(n)$) in the number $n$ of full set features. In order to evaluate the quality of our GeFS measure, we chose the design of an intrusion detection system (IDS) as a possible application. Experimental results obtained over the KDD Cup'99 test data set for IDS show that the GeFS measure removes 93% of irrelevant and redundant features from the original data set, while keeping or yielding an even better classification accuracy.