Feature deduction and ensemble design of intrusion detection systems

Cited by: 293
Authors
Chebrolu, S
Abraham, A [1]
Thomas, JP
Affiliations
[1] Chung Ang Univ, Sch Engn & Comp Sci, Seoul 156756, South Korea
[2] Oklahoma State Univ, Dept Comp Sci, Tulsa, OK 74106 USA
Keywords
hybrid intelligent system; feature reduction; intrusion detection; ensemble design; Bayesian network; Markov blanket; decision trees;
DOI
10.1016/j.cose.2004.09.008
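Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812 [Computer science and technology];
Abstract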
Current intrusion detection systems (IDS) examine all data features to detect intrusion or misuse patterns. Some of the features may be redundant or contribute little (if anything) to the detection process. The purpose of this study is to identify important input features in building an IDS that is computationally efficient and effective. We investigated the performance of two feature selection algorithms involving Bayesian networks (BN) and Classification and Regression Trees (CART) and an ensemble of BN and CART. Empirical results indicate that significant input feature selection is important to design an IDS that is lightweight, efficient and effective for real-world detection systems. Finally, we propose a hybrid architecture for combining different feature selection algorithms for real-world intrusion detection. (C) 2004 Elsevier Ltd. All rights reserved.
Pages: 295 / 307
Number of pages: 13