dc.contributor.author |
Mzila, P
|
|
dc.contributor.author |
Dube, E
|
|
dc.date.accessioned |
2013-08-21T12:47:34Z |
|
dc.date.available |
2013-08-21T12:47:34Z |
|
dc.date.issued |
2013-07 |
|
dc.identifier.citation |
Mzila, P and Dube, E. 2013. The effect of destination linked feature selection in real-time network intrusion detection. In: ICIMP 2013 : 8th International Conference on Internet Monitoring and Protection, Rome, Italy, 23-28 June 2013 |
en_US |
dc.identifier.uri |
http://www.thinkmind.org/index.php?view=article&articleid=icimp_2013_1_20_30012
|
|
dc.identifier.uri |
http://hdl.handle.net/10204/6949
|
|
dc.description |
ICIMP 2013 : 8th International Conference on Internet Monitoring and Protection, Rome, Italy, 23-28 June 2013 |
en_US |
dc.description.abstract |
As internet usage rapidly increases in both private and corporate sectors, the study of network intrusion detection is continuously becoming more relevant and has thus been evolving substantially in recent years. One of the most interesting techniques in the network intrusion detection system (NIDS) is the feature selection technique. The ability of NIDS to accurately identify intrusion from the network traffic relies heavily on feature selection, which describes the pattern of the network packets. The objective of this paper is to eliminate unnecessary features from the dataset, namely destination linked features of the network packet, and train a classification model on the remaining features using a k-Nearest Neighbor (k-NN) classifier. Elimination of the insignificant features leads to a simplified problem and may enhance detection rate, which is itself a problem in network intrusion detection system. Furthermore, removal of specifically the destination linked features will allow the trained model to be capable of identifying the attack/intrusion in real-time before it reaches its destination. To evaluate the accuracy of this method, we compare the results of our model trained without destination linked features to the same model trained with features incorporating destination linked features. The results show a similar detection rate for both trained models, but our model has a distinct advantage in that it treats the entire transaction in real-time. |
en_US |
dc.language.iso |
en |
en_US |
dc.publisher |
Think Mind 2013 |
en_US |
dc.relation.ispartofseries |
Workflow;11379 |
|
dc.subject |
Network intrusion detection system |
en_US |
dc.subject |
NIDS |
en_US |
dc.subject |
Feature selection |
en_US |
dc.subject |
Pattern recognition |
en_US |
dc.subject |
Data mining intrusion detection |
en_US |
dc.title |
The effect of destination linked feature selection in real-time network intrusion detection |
en_US |
dc.type |
Conference Presentation |
en_US |
dc.identifier.apacitation |
Mzila, P., & Dube, E. (2013). The effect of destination linked feature selection in real-time network intrusion detection. Think Mind 2013. http://hdl.handle.net/10204/6949 |
en_ZA |
dc.identifier.chicagocitation |
Mzila, P, and E Dube. "The effect of destination linked feature selection in real-time network intrusion detection." (2013): http://hdl.handle.net/10204/6949 |
en_ZA |
dc.identifier.vancouvercitation |
Mzila P, Dube E, The effect of destination linked feature selection in real-time network intrusion detection; Think Mind 2013; 2013. http://hdl.handle.net/10204/6949 . |
en_ZA |
dc.identifier.ris |
TY - Conference Presentation
AU - Mzila, P
AU - Dube, E
AB - As internet usage rapidly increases in both private and corporate sectors, the study of network intrusion detection is continuously becoming more relevant and has thus been evolving substantially in recent years. One of the most interesting techniques in the network intrusion detection system (NIDS) is the feature selection technique. The ability of NIDS to accurately identify intrusion from the network traffic relies heavily on feature selection, which describes the pattern of the network packets. The objective of this paper is to eliminate unnecessary features from the dataset, namely destination linked features of the network packet, and train a classification model on the remaining features using a k-Nearest Neighbor (k-NN) classifier. Elimination of the insignificant features leads to a simplified problem and may enhance detection rate, which is itself a problem in network intrusion detection system. Furthermore, removal of specifically the destination linked features will allow the trained model to be capable of identifying the attack/intrusion in real-time before it reaches its destination. To evaluate the accuracy of this method, we compare the results of our model trained without destination linked features to the same model trained with features incorporating destination linked features. The results show a similar detection rate for both trained models, but our model has a distinct advantage in that it treats the entire transaction in real-time.
DA - 2013-07
DB - ResearchSpace
DP - CSIR
KW - Network intrusion detection system
KW - NIDS
KW - Feature selection
KW - Pattern recognition
KW - Data mining intrusion detection
LK - https://researchspace.csir.co.za
PY - 2013
T1 - The effect of destination linked feature selection in real-time network intrusion detection
TI - The effect of destination linked feature selection in real-time network intrusion detection
UR - http://hdl.handle.net/10204/6949
ER -
|
en_ZA |