Feature selection, learning metrics and dimension reduction in training and classification processes in intrusion detection systems

This research presents an IDS prototype in Matlab that assess network traffic connections contained in the NSL-KDD dataset, comparing feature selection techniques available in FEAST toolbox, refining prior results applying dimension reduction technique ISOMAP. The classification process used a super...

Full description

Autores:
Mendoza Palechor, Fabio
De la Hoz Manotas, Alexis Kevin
De-La-Hoz-Franco, Emiro
Ariza Colpas, Paola Patricia
Tipo de recurso:
Article of journal
Fecha de publicación:
2015
Institución:
Corporación Universidad de la Costa
Repositorio:
REDICUC - Repositorio CUC
Idioma:
eng
OAI Identifier:
oai:repositorio.cuc.edu.co:11323/711
Acceso en línea:
https://hdl.handle.net/11323/711
https://repositorio.cuc.edu.co/
Palabra clave:
System intrusion detection (IDS)
Feature selection toolbox (FEAST)
Isometric feature mapping ISOMAP
Support vector machine (SVM)
Principal component analysis (PCA)
Rights
openAccess
License
Atribución – No comercial – Compartir igual
Description
Summary:This research presents an IDS prototype in Matlab that assess network traffic connections contained in the NSL-KDD dataset, comparing feature selection techniques available in FEAST toolbox, refining prior results applying dimension reduction technique ISOMAP. The classification process used a supervised learning technique called Support Vector Machines (SVM). The comparative analysis related to detection rates by attack category are conclusive that MRMR+PCA+SVM (selection, reduction and classification techniques) combined obtained more promising results, just using 5 of 41 available features in the dataset. The results obtained were: 85.42% normal traffic, 80.77% DoS, 90.41% Probe, 91.78% U2R and 83.25% R2L.

Publicaciones similares