Embedded feature selection method for a network-level behavioural analysis detection model

Mohammad Hafiz Mohd Yusof, Mohd Rosmadi Mokhtar, Abdullah Mohd. Zin, Carsten Maple

Research output: Contribution to journalArticle

Abstract

Feature selection in network-level behavioural analysis studies is used to represent the network datasets of a monitored space. However, recent studies have shown that current behavioural analysis methods at the network-level have several issues. The reduction of millions of instances, disregarded parameters, removed similarities of most of the traffic flows to reduce information noise, insufficient number of optimised features and ignore instances which are not an entity are amongst the other issue that have been identified as the main issues contributing to the inability to predict zero-day attacks. Therefore, this paper aims to select the optimal features that will improve the prediction and behavioural analysis. The training dataset will be trained to use the embedded feature selection method which incorporates both the filter and wrapper method. Correlation coefficient, r and weighted score, wj will be used. The accepted or selected features will be optimised uses Beta distribution functions, β, to find its maximum likelihood, lmax. The final selected features will be trained by the Bayesian Network classifier and tested through several testing datasets. Finally, this method was compared to several other feature selection methods. Final results show the proposed selection method's performance against other datasets consistently outperform other methods.

Original languageEnglish
Pages (from-to)509-517
Number of pages9
JournalInternational Journal of Advanced Computer Science and Applications
Volume9
Issue number12
DOIs
Publication statusPublished - 1 Jan 2018

Fingerprint

Feature extraction
Bayesian networks
Maximum likelihood
Distribution functions
Classifiers
Testing

Keywords

  • Behavioural analysis
  • Feature selection
  • Intrusion detection

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Embedded feature selection method for a network-level behavioural analysis detection model. / Mohd Yusof, Mohammad Hafiz; Mokhtar, Mohd Rosmadi; Mohd. Zin, Abdullah; Maple, Carsten.

In: International Journal of Advanced Computer Science and Applications, Vol. 9, No. 12, 01.01.2018, p. 509-517.

Research output: Contribution to journalArticle

@article{4170542526fc46a989b02095ebba569f,
title = "Embedded feature selection method for a network-level behavioural analysis detection model",
abstract = "Feature selection in network-level behavioural analysis studies is used to represent the network datasets of a monitored space. However, recent studies have shown that current behavioural analysis methods at the network-level have several issues. The reduction of millions of instances, disregarded parameters, removed similarities of most of the traffic flows to reduce information noise, insufficient number of optimised features and ignore instances which are not an entity are amongst the other issue that have been identified as the main issues contributing to the inability to predict zero-day attacks. Therefore, this paper aims to select the optimal features that will improve the prediction and behavioural analysis. The training dataset will be trained to use the embedded feature selection method which incorporates both the filter and wrapper method. Correlation coefficient, r and weighted score, wj will be used. The accepted or selected features will be optimised uses Beta distribution functions, β, to find its maximum likelihood, lmax. The final selected features will be trained by the Bayesian Network classifier and tested through several testing datasets. Finally, this method was compared to several other feature selection methods. Final results show the proposed selection method's performance against other datasets consistently outperform other methods.",
keywords = "Behavioural analysis, Feature selection, Intrusion detection",
author = "{Mohd Yusof}, {Mohammad Hafiz} and Mokhtar, {Mohd Rosmadi} and {Mohd. Zin}, Abdullah and Carsten Maple",
year = "2018",
month = "1",
day = "1",
doi = "10.14569/IJACSA.2018.091271",
language = "English",
volume = "9",
pages = "509--517",
journal = "International Journal of Advanced Computer Science and Applications",
issn = "2158-107X",
publisher = "Science and Information Organization",
number = "12",

}

TY - JOUR

T1 - Embedded feature selection method for a network-level behavioural analysis detection model

AU - Mohd Yusof, Mohammad Hafiz

AU - Mokhtar, Mohd Rosmadi

AU - Mohd. Zin, Abdullah

AU - Maple, Carsten

PY - 2018/1/1

Y1 - 2018/1/1

N2 - Feature selection in network-level behavioural analysis studies is used to represent the network datasets of a monitored space. However, recent studies have shown that current behavioural analysis methods at the network-level have several issues. The reduction of millions of instances, disregarded parameters, removed similarities of most of the traffic flows to reduce information noise, insufficient number of optimised features and ignore instances which are not an entity are amongst the other issue that have been identified as the main issues contributing to the inability to predict zero-day attacks. Therefore, this paper aims to select the optimal features that will improve the prediction and behavioural analysis. The training dataset will be trained to use the embedded feature selection method which incorporates both the filter and wrapper method. Correlation coefficient, r and weighted score, wj will be used. The accepted or selected features will be optimised uses Beta distribution functions, β, to find its maximum likelihood, lmax. The final selected features will be trained by the Bayesian Network classifier and tested through several testing datasets. Finally, this method was compared to several other feature selection methods. Final results show the proposed selection method's performance against other datasets consistently outperform other methods.

AB - Feature selection in network-level behavioural analysis studies is used to represent the network datasets of a monitored space. However, recent studies have shown that current behavioural analysis methods at the network-level have several issues. The reduction of millions of instances, disregarded parameters, removed similarities of most of the traffic flows to reduce information noise, insufficient number of optimised features and ignore instances which are not an entity are amongst the other issue that have been identified as the main issues contributing to the inability to predict zero-day attacks. Therefore, this paper aims to select the optimal features that will improve the prediction and behavioural analysis. The training dataset will be trained to use the embedded feature selection method which incorporates both the filter and wrapper method. Correlation coefficient, r and weighted score, wj will be used. The accepted or selected features will be optimised uses Beta distribution functions, β, to find its maximum likelihood, lmax. The final selected features will be trained by the Bayesian Network classifier and tested through several testing datasets. Finally, this method was compared to several other feature selection methods. Final results show the proposed selection method's performance against other datasets consistently outperform other methods.

KW - Behavioural analysis

KW - Feature selection

KW - Intrusion detection

UR - http://www.scopus.com/inward/record.url?scp=85059524432&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85059524432&partnerID=8YFLogxK

U2 - 10.14569/IJACSA.2018.091271

DO - 10.14569/IJACSA.2018.091271

M3 - Article

AN - SCOPUS:85059524432

VL - 9

SP - 509

EP - 517

JO - International Journal of Advanced Computer Science and Applications

JF - International Journal of Advanced Computer Science and Applications

SN - 2158-107X

IS - 12

ER -