Research Article
An approach to reduce data dimension in building effective Network Intrusion Detection Systems
@ARTICLE{10.4108/eai.13-7-2018.162633, author={Hoang Ngoc Thanh and Tran Van Lang}, title={An approach to reduce data dimension in building effective Network Intrusion Detection Systems}, journal={EAI Endorsed Transactions on Context-aware Systems and Applications}, volume={6}, number={18}, publisher={EAI}, journal_a={CASA}, year={2019}, month={8}, keywords={Intrusion Detection System, Machine learning, Feature selection, UNSW-NB15 dataset}, doi={10.4108/eai.13-7-2018.162633} }- Hoang Ngoc Thanh
Tran Van Lang
Year: 2019
An approach to reduce data dimension in building effective Network Intrusion Detection Systems
CASA
EAI
DOI: 10.4108/eai.13-7-2018.162633
Abstract
The main function of the network Intrusion Detection System (IDS) is to protect the system, analyze and predict network access behavior of users. These behaviors are considered normal or an attack. Machine learning methods (ML) are used in IDSs because of the ability to learn from past attack patterns to recognize new attack patterns. These methods are effective but have relatively high computational costs. Meanwhile, the traffic of network data is growing rapidly, the computational cost issues need to be addressed. This paper addresses the use of algorithms combined with information metrics to reduce the features of the dataset to be analyzed. As the result, it helps to build IDSs with lower cost but higher performance suitable for large scale networks. The test results on the UNSW-NB15 dataset demonstrate: with the optimal set of features suitable for the attack type as well as the machine learning method, the quality of classification is improved with less training and testing time.
Copyright © 2019 Hoang Ngoc Thanh et al., licensed to EAI. This is an open access article distributed under the terms of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/), which permits unlimited use, distribution and reproduction in any medium so long as the original work is properly cited.
