Abstract
The Intrusion detection system deals with huge amount of data which contains irrelevant and redundant features causing slow training and testing process, higher resource consumption as well as poor detection rate. Feature selection, therefore, is an important issue in intrusion detection. In this paper we introduce concepts and algorithms of feature selection, survey existing feature selection algorithms in intrusion detection systems, group and compare different algorithms in three broad categories: filter, wrapper, and hybrid. We conclude the survey by identifying trends and challenges of feature selection research and development in intrusion detection system.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Kruegel, C., Valeur, F.: Stateful Intrusion Detection for High-Speed Networks. In: Proc. of the IEEE Symposium on Research on Security and Privacy, pp. 285–293 (2002)
Blum, A.L., Langley, P.: Selection of Relevant Features and Examples in Machine Learning. Artificial Intelligence 97, 245–271 (1997)
Liu, H., Motoda, H. (eds.): Feature Extraction, Construction and Selection: A Data Mining Perspective. Kluwer Academic, Boston (1998) (second printing, 2001)
Dash, M., Liu, H., Motoda, H.: Consistency based feature selection. In: Terano, T., Chen, A.L.P. (eds.) PAKDD 2000. LNCS, vol. 1805, pp. 98–109. Springer, Heidelberg (2000)
Almuallim, H., Dietterich, T.G.: Learning Boolean Concepts in the Presence of Many Irrelevant Features. Artificial Intelligence 69(1-2), 279–305 (1994)
Doak, J.: An Evaluation of Feature Selection Methods and Their Application to Computer Security. Technical report, Univ. of California at Davis, Dept. Computer Science (1992)
Narendra, P.M., Fukunaga, K.: A Branch and Bound Algorithm for Feature Subset Selection. IEEE Trans. Computer 26(9), 917–922 (1977)
Liu, H., Motoda, H.: Feature Selection for Knowledge Discovery and Data Mining. Kluwer Academic, Boston (1998)
Almuallim, H., Dietterich, T.G.: Learning Boolean Concepts in the Presence of Many Irrelevant Features. Artificial Intelligence 69(1-2), 279–305 (1994)
Ben-Bassat, M.: Pattern Recognition and Reduction of Dimensionality. In: Krishnaiah, P.R., Kanal, L.N. (eds.) Handbook of Statistics-II, pp. 773–791. North Holland, Amsterdam (1982)
Hall, M.A.: Correlation-Based Feature Selection for Discrete and Numeric Class Machine Learning. In: Proc. 17th Int’l. Conf. Machine Learning, pp. 359–366 (2000)
Witten, I.H., Frank, E.: Data Mining-Pracitcal Machine Learning Tools and Techniques with JAVA Implementations. Morgan Kaufmann, San Francisco (2000)
Hall, M.A.: Correlation-based Feature Selection for Discrete and Numeric Class Machine Learning. In: Proc. of the 17th Int. Conf. on Machine Learning, pp. 359–366. Morgan Kaufmann Publishers Inc., San Francisco (2000)
Fayyad, U., Irani, K.: Multi-interval discretization of continuos attributes as preprocessing for classification learning. In: Proc. of the 13th Int. Join Conf. on Artificial Intelligence, pp. 1022–1027. Morgan Kaufmann Publishers, San Francisco (1993)
Press, W.H., Flannery, B.P., Teukolsky, S.A., Vetterling, W.T.: Numerical recipes in C. Cambridge University Press, Cambridge (1988)
Holland, J.H.: Adaptation in natural and artificial systems. University of Michigan Press (1975) (reprinted by MIT Press, Cambridge (1992))
Holland, J.H.: Adaptation in Natural and Artificial Systems. University of Michigan Press, Ann Arbor (1975)
Johnson, R.A., Wichern, D.W.: Applied Multivariate Statistical Analysis, pp. 356–395. Prentice-Hall, Englewood Cliffs (2002)
Hotelling, H.: Analysis of a complex statistical variables into principal components. Journal of Educational Psychology 24, 417–441 (1933)
Quinlan, J.R.: C4.5: Programs for machine learning. Morgan Kaufmann Publishers, San Francisco (1993)
Mukkamala, S., Sung, A.H.: Comparison of Neural Networks and Support Vector Machines. In: Intrusion Detection Workshop on Statistical and Machine Learning Techniques in Computer Intrusion Detection, June 11-13 (2002)
Sung, A.H.: Ranking Importance of Input Parameters Of Neural Networks. Expert Systems with Applications, pp. 405–411 (1998)
KDD Cup 1999 Data: http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
Fugate, M., Gattiker, J.R.: Anomaly Detection Enhanced Classification in Computer Intrusion Detection. In: Lee, S.-W., Verri, A. (eds.) SVM 2002. LNCS, vol. 2388, p. 186. Springer, Heidelberg (2002)
Nguyen, B.V.: An Application of Support Vector Machines to Anomaly Detection (2002), Available at: http://www.math.ohiou.edu/~vnguyen/papers/IDS_SVM.pdf
Kim, D.S., Park, J.S.: Network-based Intrusion Detection with Support Vector Machines. In: Kahng, H.-K. (ed.) ICOIN 2003. LNCS, vol. 2662, pp. 747–756. Springer, Heidelberg (2003)
Sung, A.H., Mukkamala, S.: Identifying Important Features for Intrusion Detection Using Support Vector Machines and Neural Networks. In: Proc. of the 2003 Int. Sym. On Applications and the Internet Technology, pp. 209–216. IEEE Computer Society Press, Los Alamitos (2003)
Kim, D.S., Lee, S.M., Park, J.S.: Building Lightweight Intrusion Detection System Based on Random Forest. In: Wang, J., Yi, Z., Żurada, J.M., Lu, B.-L., Yin, H. (eds.) ISNN 2006. LNCS, vol. 3973, pp. 224–230. Springer, Heidelberg (2006)
Breiman, L.: Random forest. Machine Learning 45(1), 5–32 (2001)
Duda, R.O., Hart, P.E., Stork, D.G.: Pattern Classification, 2nd edn. John Wiley & Sons, Chichester (2001)
Kim, D., Nguyen, H.-N., Ohn, S.-Y., Park, J.: Fusions of GA and SVM for Anomaly Detection in Intrusion Detection System. In: Wang, J., Liao, X.-F., Yi, Z. (eds.) ISNN 2005. LNCS, vol. 3498, pp. 415–420. Springer, Heidelberg (2005)
Hastie, T., Tibshirani, R., Friedman, J.: The Elements of Statistical Learning. In: Yu, L., Liu, H. (eds.) Feature Selection for High-Dimensional Data. Springer, Heidelberg (2001)
A Fast Correlation-Based Filter Solution. In: Proc. 20th Int’l. Conf. Machine Learning, pp. 856–863 (2003)
Liu, H., Yu, L.: Towards integrating feature selection algorithms for classification and clustering. IEEE Transactions on Knowledge and Data Engineering 17(3), 1–12 (2005)
Park, J.S., Shazzad, K.M., Kim, D.S.: Toward Modeling Lightweight Intrusion Detection System Through Correlation-Based Hybrid Feature Selection. In: Feng, D., Lin, D., Yung, M. (eds.) CISC 2005. LNCS, vol. 3822, pp. 279–289. Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, Y., Li, Y., Cheng, XQ., Guo, L. (2006). Survey and Taxonomy of Feature Selection Algorithms in Intrusion Detection System. In: Lipmaa, H., Yung, M., Lin, D. (eds) Information Security and Cryptology. Inscrypt 2006. Lecture Notes in Computer Science, vol 4318. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11937807_13
Download citation
DOI: https://doi.org/10.1007/11937807_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-49608-3
Online ISBN: 978-3-540-49610-6
eBook Packages: Computer ScienceComputer Science (R0)