Journal of South China University of Technology (Natural Science Edition) ›› 2010, Vol. 38 ›› Issue (1): 81-86.doi: 10.3969/j.issn.1000-565X.2010.01.016

• Computer Science & Technology • Previous Articles     Next Articles

An efficient Network Intrusion Detection Feature Extraction Method

Zhang Xue-qin  Gu Chun-hua   

  1.  School of Information Science and Engineering, East China University of Science and Engineering, Shanghai 200237, China
  • Received:2009-02-25 Revised:2009-04-29 Online:2010-01-25 Published:2010-01-25
  • Contact: 张雪芹(1972-),女,博士,副教授,主要从事网络安全、模式识别研究. E-mail:zxq@eeust.edu.cn
  • About author:张雪芹(1972-),女,博士,副教授,主要从事网络安全、模式识别研究.
  • Supported by:

    国家自然科学基金资助项目(60773094)

PDF

762

Abstract:

In order to eliminate redundant features, reduce the system burden of storage and computation, and improve the performance of the classifier for network intrusion detection, a method to extract network intrusion detection feature is proposed based on the Fisher score and the support vector machine (SVM). Then, in accordance with KDD,99 network intrusion detection dataset, the feature significance rankings for the mixed attack and four single attacks are respectively obtained by using the proposed method. By extracting important features, a SVM classifier is thus constructed. Experimental results show that, as compared with the classifier constructed based on all features, the new classifier is of approximately equivalent accuracy and dramatically low training and testing time cost.

Key words: intrusion detection system, feature extraction, Fisher score, support vector machine