Cumulative histogram as a feature selection technique for anomaly detection

Author:

Nassar Mostafa, Salama Rania A., Saleeb Adel A., El-bahnasawy Nirmeen A., Ahmed Hossam Eldin H., Abd El-Samie Fathi E.

Abstract

The enhancement of Intrusion Detection Systems (IDS) is required to ensure protection of network resources and services. This is a hot research topic, especially in the presence of advanced intrusions and attacks. This paper provides a comparison between Distributed Cumulative Histogram (DCH) as a Feature Selection (FS) technique, Information Gain Ratio (IGR) FS and wrapper-based FS in terms of accuracy and Root Mean Square Error (RMSE). The utilization of DCH of the traffic instances in normal and attack cases allows us to compare the traffic charts. We can observe the difference between effective features and less effective ones. We verify the feasibility of using DCH as an FS technique in the field of anomaly detection with just six selected features giving more accurate results with most classifiers compared to the IGR and wrapper-based FS. We applied our experiments on the modern UNSW dataset with the WEKA simulation platform that contains a group of classification, feature reduction and selection techniques.

Funder

Minufiya University

Publisher

Springer Science and Business Media LLC

