Identifying important characteristics in the KDD99 intrusion detection dataset by feature selection using a hybrid approach

Detalhes bibliográficos
Autor(a) principal: Araújo, Nelcileno
Data de Publicação: 2010
Outros Autores: De Oliveira, Ruy, Ferreira, Ed'Wilson, Shinoda, Ailton Akira [UNESP], Bhargava, Bharat
Tipo de documento: Artigo de conferência
Idioma: eng
Título da fonte: Repositório Institucional da UNESP
Texto Completo: http://dx.doi.org/10.1109/ICTEL.2010.5478852
http://hdl.handle.net/11449/225968
Resumo: Intrusion detection datasets play a key role in fine tuning Intrusion Detection Systems (IDSs). Using such datasets one can distinguish between regular and anomalous behavior of a given node in the network. To build this dataset is not straightforward, though, as only the most significant features of the collected data for detecting the node's behavior should be considered. We propose in this paper a technique for selecting relevant features out of KDD99 using a hybrid approach toward an optimal subset of features. Unlike existing work that only detect attack or no attack conditions, our approach efficiently identifies which sort of attack each register in the dataset refers to. The evaluation results show that the optimized subset of features can improve performance of typical IDSs. © 2009 IEEE.
id UNSP_87acd7638eb0ff46fb53b7bc0ab3c8ab
oai_identifier_str oai:repositorio.unesp.br:11449/225968
network_acronym_str UNSP
network_name_str Repositório Institucional da UNESP
repository_id_str 2946
spelling Identifying important characteristics in the KDD99 intrusion detection dataset by feature selection using a hybrid approachHybrid approachInformation gain ratioK-meansKDD99. feature selectionIntrusion detection datasets play a key role in fine tuning Intrusion Detection Systems (IDSs). Using such datasets one can distinguish between regular and anomalous behavior of a given node in the network. To build this dataset is not straightforward, though, as only the most significant features of the collected data for detecting the node's behavior should be considered. We propose in this paper a technique for selecting relevant features out of KDD99 using a hybrid approach toward an optimal subset of features. Unlike existing work that only detect attack or no attack conditions, our approach efficiently identifies which sort of attack each register in the dataset refers to. The evaluation results show that the optimized subset of features can improve performance of typical IDSs. © 2009 IEEE.Institute of Computing Federal University of Mato Grosso, Cuiabá, MTDepartment of Informatics Federal Institute of Mato Grosso, Cuiabá, MTDepartment of Electrical Engineering State University Júlio de Mesquita Filho, Ilha Solteira, SPDepartment of Computer Science Purdue University, West Lafayette, INDepartment of Electrical Engineering State University Júlio de Mesquita Filho, Ilha Solteira, SPFederal University of Mato GrossoFederal Institute of Mato GrossoUniversidade Estadual Paulista (UNESP)Purdue UniversityAraújo, NelcilenoDe Oliveira, RuyFerreira, Ed'WilsonShinoda, Ailton Akira [UNESP]Bhargava, Bharat2022-04-28T21:02:11Z2022-04-28T21:02:11Z2010-07-19info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/conferenceObject552-558http://dx.doi.org/10.1109/ICTEL.2010.5478852ICT 2010: 2010 17th International Conference on Telecommunications, p. 552-558.http://hdl.handle.net/11449/22596810.1109/ICTEL.2010.54788522-s2.0-77954556689Scopusreponame:Repositório Institucional da UNESPinstname:Universidade Estadual Paulista (UNESP)instacron:UNESPengICT 2010: 2010 17th International Conference on Telecommunicationsinfo:eu-repo/semantics/openAccess2024-07-04T19:11:50Zoai:repositorio.unesp.br:11449/225968Repositório InstitucionalPUBhttp://repositorio.unesp.br/oai/requestopendoar:29462024-08-05T21:51:09.988865Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP)false
dc.title.none.fl_str_mv Identifying important characteristics in the KDD99 intrusion detection dataset by feature selection using a hybrid approach
title Identifying important characteristics in the KDD99 intrusion detection dataset by feature selection using a hybrid approach
spellingShingle Identifying important characteristics in the KDD99 intrusion detection dataset by feature selection using a hybrid approach
Araújo, Nelcileno
Hybrid approach
Information gain ratio
K-means
KDD99. feature selection
title_short Identifying important characteristics in the KDD99 intrusion detection dataset by feature selection using a hybrid approach
title_full Identifying important characteristics in the KDD99 intrusion detection dataset by feature selection using a hybrid approach
title_fullStr Identifying important characteristics in the KDD99 intrusion detection dataset by feature selection using a hybrid approach
title_full_unstemmed Identifying important characteristics in the KDD99 intrusion detection dataset by feature selection using a hybrid approach
title_sort Identifying important characteristics in the KDD99 intrusion detection dataset by feature selection using a hybrid approach
author Araújo, Nelcileno
author_facet Araújo, Nelcileno
De Oliveira, Ruy
Ferreira, Ed'Wilson
Shinoda, Ailton Akira [UNESP]
Bhargava, Bharat
author_role author
author2 De Oliveira, Ruy
Ferreira, Ed'Wilson
Shinoda, Ailton Akira [UNESP]
Bhargava, Bharat
author2_role author
author
author
author
dc.contributor.none.fl_str_mv Federal University of Mato Grosso
Federal Institute of Mato Grosso
Universidade Estadual Paulista (UNESP)
Purdue University
dc.contributor.author.fl_str_mv Araújo, Nelcileno
De Oliveira, Ruy
Ferreira, Ed'Wilson
Shinoda, Ailton Akira [UNESP]
Bhargava, Bharat
dc.subject.por.fl_str_mv Hybrid approach
Information gain ratio
K-means
KDD99. feature selection
topic Hybrid approach
Information gain ratio
K-means
KDD99. feature selection
description Intrusion detection datasets play a key role in fine tuning Intrusion Detection Systems (IDSs). Using such datasets one can distinguish between regular and anomalous behavior of a given node in the network. To build this dataset is not straightforward, though, as only the most significant features of the collected data for detecting the node's behavior should be considered. We propose in this paper a technique for selecting relevant features out of KDD99 using a hybrid approach toward an optimal subset of features. Unlike existing work that only detect attack or no attack conditions, our approach efficiently identifies which sort of attack each register in the dataset refers to. The evaluation results show that the optimized subset of features can improve performance of typical IDSs. © 2009 IEEE.
publishDate 2010
dc.date.none.fl_str_mv 2010-07-19
2022-04-28T21:02:11Z
2022-04-28T21:02:11Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/conferenceObject
format conferenceObject
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://dx.doi.org/10.1109/ICTEL.2010.5478852
ICT 2010: 2010 17th International Conference on Telecommunications, p. 552-558.
http://hdl.handle.net/11449/225968
10.1109/ICTEL.2010.5478852
2-s2.0-77954556689
url http://dx.doi.org/10.1109/ICTEL.2010.5478852
http://hdl.handle.net/11449/225968
identifier_str_mv ICT 2010: 2010 17th International Conference on Telecommunications, p. 552-558.
10.1109/ICTEL.2010.5478852
2-s2.0-77954556689
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv ICT 2010: 2010 17th International Conference on Telecommunications
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv 552-558
dc.source.none.fl_str_mv Scopus
reponame:Repositório Institucional da UNESP
instname:Universidade Estadual Paulista (UNESP)
instacron:UNESP
instname_str Universidade Estadual Paulista (UNESP)
instacron_str UNESP
institution UNESP
reponame_str Repositório Institucional da UNESP
collection Repositório Institucional da UNESP
repository.name.fl_str_mv Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP)
repository.mail.fl_str_mv
_version_ 1808129366506340352

Registros relacionados