JISE Vol.26 No.2#12

[ 1]

[ 2]

[ 3]

[ 4]

[ 5]

[ 6]

[ 7]

[ 8]

[ 9]

[ 10]

[ 11]

[ 12]

[ 13]

[ 14]

[ 15]

[ 16]

[ 17]

[ 18]

[ 19]

[ 20]

[ 21]

[ 22]

[ 23]

[ 24]

Journal of Information Science and Engineering, Vol. 26 No. 2, pp. 527-547 (March 2010)

Feature Construction Scheme for Efficient Intrusion Detection System^*

EUNHYE KIM, SEUNGMIN LEE, KIHOON KWON⁺ AND SEHUN KIM⁺⁺
Electronics and Telecommunications Research Institute
Daejeon, 305-700 Korea
⁺Samsung SDS
Seoul, 135-918 Korea
⁺⁺Department of Industrial Engineering
Korea Advanced Institute of Science and Technology
Daejeon, 305-701 Korea

For computationally efficient and effective IDS, it is essential to identify important input features. In this paper, a statistical feature construction scheme is proposed in which factor analysis is orthogonally combined with an optimized k-means clustering technique. As a core component for unsupervised anomaly detection, the proposed feature construction scheme is able to exclude the redundancy of features optimally via the consideration of the similarity of feature responses through a clustering analysis based on the feature space reduced in a factor analysis. The performance of the proposed method was evaluated using different data sets reduced by the ranking of the importance of input features. Experimental results show a significant detection rate through a good subset of features deemed to be critical to the improvement of the performance of classifiers.

Keywords: intrusion detection, feature construction, factor analysis, k-means clustering, self organizing map

Retrieve PDF document (201003_12.pdf)

Received March 27, 2008; revised October 28, 2008 & April 3, 2009; accepted May 7, 2009.
^* This research was supported by the MKE (Ministry of Knowledge Economy), Korea, under the ITRC (Information Technology Research Center) support program supervised by the NIPA (National IT Industry Promotion Agency) (NIPA-2009-(C1090-0902-0016)).