{"title":"一种适应入侵检测的两步特征选择算法","authors":"Lizhong Xiao, Y. Liu","doi":"10.1109/JCAI.2009.214","DOIUrl":null,"url":null,"abstract":"In intrusion detection data set is high dimensional, which leads to low processing speed for intrusion detection algorithms, but it holds many features affecting little for detection. To address the above issue, a two-step feature selection algorithm is proposed in this paper. Depending on the definition of relevant feature and redundant feature and using mutual information as criterion, it firstly eliminates the irrelevant features and then eliminates the redundant features. With low time complexity, the feature selection algorithm independent of detection algorithm could easily balance the detection accuracy and the number of features through threshold. Experiments over networks connection records from authoritative data set KDD CUP 1999 were implemented for several detection algorithms to evaluate the proposed method. The results show the algorithm could effectively select features, ensure detection accuracy and improve processing speed.","PeriodicalId":154425,"journal":{"name":"2009 International Joint Conference on Artificial Intelligence","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"A Two-step Feature Selection Algorithm Adapting to Intrusion Detection\",\"authors\":\"Lizhong Xiao, Y. Liu\",\"doi\":\"10.1109/JCAI.2009.214\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In intrusion detection data set is high dimensional, which leads to low processing speed for intrusion detection algorithms, but it holds many features affecting little for detection. To address the above issue, a two-step feature selection algorithm is proposed in this paper. Depending on the definition of relevant feature and redundant feature and using mutual information as criterion, it firstly eliminates the irrelevant features and then eliminates the redundant features. With low time complexity, the feature selection algorithm independent of detection algorithm could easily balance the detection accuracy and the number of features through threshold. Experiments over networks connection records from authoritative data set KDD CUP 1999 were implemented for several detection algorithms to evaluate the proposed method. The results show the algorithm could effectively select features, ensure detection accuracy and improve processing speed.\",\"PeriodicalId\":154425,\"journal\":{\"name\":\"2009 International Joint Conference on Artificial Intelligence\",\"volume\":\"26 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-04-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 International Joint Conference on Artificial Intelligence\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/JCAI.2009.214\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 International Joint Conference on Artificial Intelligence","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/JCAI.2009.214","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 13
摘要
在入侵检测中,数据集是高维的,这导致入侵检测算法的处理速度较慢,但它具有许多对检测影响不大的特征。为了解决上述问题,本文提出了一种两步特征选择算法。根据相关特征和冗余特征的定义,以互信息为准则,先去除了无关特征,再去除了冗余特征。独立于检测算法的特征选择算法具有较低的时间复杂度,可以很容易地通过阈值平衡检测精度和特征数量。在权威数据集KDD CUP 1999的网络连接记录上进行了几种检测算法的实验,以评估所提出的方法。结果表明,该算法能够有效地选择特征,保证检测精度,提高处理速度。
A Two-step Feature Selection Algorithm Adapting to Intrusion Detection
In intrusion detection data set is high dimensional, which leads to low processing speed for intrusion detection algorithms, but it holds many features affecting little for detection. To address the above issue, a two-step feature selection algorithm is proposed in this paper. Depending on the definition of relevant feature and redundant feature and using mutual information as criterion, it firstly eliminates the irrelevant features and then eliminates the redundant features. With low time complexity, the feature selection algorithm independent of detection algorithm could easily balance the detection accuracy and the number of features through threshold. Experiments over networks connection records from authoritative data set KDD CUP 1999 were implemented for several detection algorithms to evaluate the proposed method. The results show the algorithm could effectively select features, ensure detection accuracy and improve processing speed.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
