A Feature Selection Algorithm for IDS

Gul A., Adali E.

2017 International Conference on Computer Science and Engineering (UBMK), Antalya, Turkey, 5 - 08 October 2017, pp.816-820 identifier

  • Publication Type: Conference Paper / Full Text
  • City: Antalya
  • Country: Turkey
  • Page Numbers: pp.816-820
  • Istanbul Technical University Affiliated: Yes


An intrusion detection system (IDS) monitors the network traffic looking for suspicious or malicious activities or policy violations, which could represent an attack or unauthorized access. Traditional systems were designed to detect known attacks but cannot identify unknown threats. They most commonly detect known threats based on predefined rules or behavioral analysis through baselining the network. Expert attackers can bypass these techniques, therefore the need for more intelligent intrusion detection is increasing by the day. Intelligent IDS collects and analyzes information from different areas and deals with large amount of data, which contains various redundant and irrelevant features and results in increased overfitting, processing (training) time and low detection rate. For that reason, feature selection should be applied as a preprocessing step to improve accuracy and system performance while shrinking large data sets. In this paper, filter method which is a method used in feature selection to identify important features and to eliminate the less effective features has been developed for three different class structures on the NSL KDD dataset. After this process, classification models were created and performance measures were used to evaluate the models.