Similarity-based Classification using Specific Features in Network Intrusion Detection

A. Zainal, M.A. Maarof, and S.M. Shamsuddin (Malaysia)

Keywords

Intrusion detection, feature selection, classification and Kohonen Self Organizing Map.

Abstract

One of a major challenge in IDS is to discover the intrusive patterns which are normally hidden in abundant of data. Furthermore, it has many features. Some of the features are redundant and some are less significant and they contribute little to the detection process. The purpose of this study is to identify an optimum number of significant features that can represent each category; Normal, Probe, U2R, R2L and DoS. Here, we deployed hierarchical feature selection approach and used similarity-based classification (Kohonen Self-Organizing Map) to classify an input data into their respective categories. Performance was measured based on their correct classification. Empirical results suggest that there is no generic feature subset which is suitable to represent all categories. Instead, different categories are best represented using different feature subsets.

Important Links:



Go Back