A Minimal Subset of Features Using Correlation Feature Selection Model for Intrusion Detection System

  • Shilpa Bahl
  • Sudhir Kumar Sharma
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 380)


The intrusion detection system (IDS) research field has grown tremendously in the past decade. Current IDS uses all data features to detect intrusions. Some of the features may be irrelevant and redundant to the detection process. The purpose of this study is to identify a minimal subset of relevant features to design effective intrusion detection system. A proposed minimal subset of features is built by selecting common features from six search methods with correlation feature selection method. The paper presents empirical comparison between 7 reduced subsets and the given complete set of features. The simulation results have shown slightly better performance using only 12 proposed features compared to others.


Correlation feature selection Intrusion detection system Machine learning User to root attack class 


  1. 1.
    Van der Geer, J., et al.: Intrusion detection system: a review, the art of writing a scientific article. J. Sci. Commun. 163, 51–59 (2000)Google Scholar
  2. 2.
    Van der Geer, J., et al.: Managing Cyber Threats: Issues, Approaches, and Challenges, vol. 5. Springer (2006)Google Scholar
  3. 3.
    Han, J., Kamber, M., Pei, J.: Data Mining, Concepts and Techniques. Southeast Asia Edition (2006)Google Scholar
  4. 4.
    Tavallaee, M., Stakhanova, N., Ghorbani, A.A.: Toward credible evaluation of anomaly-based intrusion-detection methods. Syst. Man Cybern. Part C: IEEE Trans. Appl. Rev. 40(5), 516–524 (2010)CrossRefGoogle Scholar
  5. 5.
    Sánchez, R., Herrero, Á., Corchado, E.: Visualization and clustering for SNMP intrusion detection. Cybern. Syst. 44(6–7), 505–532 (2013)CrossRefGoogle Scholar
  6. 6.
  7. 7.
    Nsl-kdd Data set for Network-Based Intrusion Detection Systems: (March 2014)
  8. 8.
    Revathi, S., Malathi, A.: A detailed analysis of KDD cup99 dataset for IDS. Int. J. Eng. Res. Technol. (IJERT) 2(12), (2013)Google Scholar
  9. 9.
    Nguyen, H., Choi, D.: Application of data mining to network intrusion detection: classifier selection model. In: APNOMS 2008, LNCS 5297, pp. 399–408, 2008. © Springer, Berlin Heidelberg (2008)Google Scholar
  10. 10.
    Bahl, S., Sharma, S.K.: Improving classification accuracy of IDS using feature subset selection. In: Proceedings of International Conference IEEE ACCT 2015, IndiaGoogle Scholar
  11. 11.
    Sabhnani, M., Serpen, G.: Application of machine learning algorithms to KDD intrusion detection dataset within misuse detection context. In: MLMTA, pp. 209–215 (2003)Google Scholar
  12. 12.
    Sabhnani, M., Serpen, G.: Why machine learning algorithms fail in misuse detection on KDD intrusion detection data set. Intel. Data Anal. 8(4), 403–415 (2004)Google Scholar
  13. 13.
    Chizi, B., Maimon, O.: Dimension reduction and feature selection. In: Data Mining and Knowledge Discovery Handbook, pp. 83–100. Springer (2010)Google Scholar
  14. 14.
    Maaten, V., Laurens, J.P., Postma, E.O., Jaap, H., Herik, V.: Dimensionality reduction: a comparative review. J. Mach. Learn. Res. 10(1–41), 66–71 (2009)Google Scholar
  15. 15.
    Stańczyk, U.: Ranking of characteristic features in combined wrapper approaches to selection. Neural Comput. Appl. 1–16 (2015)Google Scholar
  16. 16.
    Jiliang, T., Alelyani, S., Liu, H.: Feature selection for classification: a review. In: Aggarwal, C. (ed.) Data Classification: Algorithms and Applications. CRC Press in Chapman & Hall/CRC Data Mining and Knowledge Discovery Series (2014)Google Scholar
  17. 17.
    Solanki, M., Dhamdhere, V.: Intrusion detection technique using data mining approach: survey. Int. J. Innovative Res. Comput. Commun. Eng. 2(11), (2014)Google Scholar
  18. 18.
    Engen, V., et al.: Exploring discrepancies in findings obtained with the KDD Cup’99 data set. Intell. Data Anal. 15(2), 251–276 (2011)Google Scholar
  19. 19.
    Piramuthu, S.: Evaluating feature selection methods for learning in data mining applications. Eur. J. Oper. Res. 156, 483–494 (2004)MATHCrossRefGoogle Scholar
  20. 20.
    Zaman, S., Karray, F.: Features selection for intrusion detection systems based on support vector machines. In: Consumer Communications and Networking Conference, CCNC 2009 IEEE, pp. 1–8Google Scholar
  21. 21.
    Peddabachigari, S., Abraham, A., Grosan, C., Thomas, J.: Modeling intrusion detection system using hybrid intelligent systems. J. Netw. Comput. Appl. 30(1), 114–132 (2007)CrossRefGoogle Scholar
  22. 22.
    Staudemeyer, R.C., Omlin, C.W.: Extracting salient features for network intrusion detection using machine learning methods. S. Afr. Comput. J. 52, 82–96 (2014)Google Scholar
  23. 23.
    Weka Data Mining Machine Learning Software:
  24. 24.
    Witten, I.H., Frank, E., Hall, M.A.: Data Mining-Practical Machine Learning Tools and Techniques. Morgan Kaufmann (2011)Google Scholar
  25. 25.
    Hall, M.A.: Correlation-based Feature Selection for Machine Learning, Thesis (1999)Google Scholar

Copyright information

© Springer India 2016

Authors and Affiliations

  1. 1.KIIT College of EngineeringGurgaonIndia

Personalised recommendations