Cumulative histogram as a feature selection technique for anomaly detection

Cumulative histogram as a feature selection technique for anomaly detection

연구 분야: Safety

학회: Multimedia Tools and Applications

The enhancement of Intrusion Detection Systems (IDS) is required to ensure protection of network resources and services. This is a hot research topic, especially in the presence of advanced intrusions and attacks. This paper provides a comparison between Distributed Cumulative Histogram (DCH) as a Feature Selection (FS) technique, Information Gain Ratio (IGR) FS and wrapper-based FS in terms of accuracy and Root Mean Square Error (RMSE). The utilization of DCH of the traffic instances in normal and attack cases allows us to compare the traffic charts. We can observe the difference between effective features and less effective ones. We verify the feasibility of using DCH as an FS technique in the field of anomaly detection with just six selected features giving more accurate results with most classifiers compared to the IGR and wrapper-based FS. We applied our experiments on the modern UNSW dataset with the WEKA simulation platform that contains a group of classification, feature reduction and selection techniques.