Automatic Dataset Labelling and Feature Selection for Intrusion Detection Systems.pdf (618.41 kB)
Automatic dataset labelling and feature selection for intrusion detection systems
conference contribution
posted on 2015-05-12, 15:06 authored by Francisco Aparicio-Navarro, Kostas KyriakopoulosKostas Kyriakopoulos, David ParishCorrectly labelled datasets are commonly required. Three particular scenarios are highlighted, which showcase this need. When using supervised Intrusion Detection Systems (IDSs), these systems need labelled datasets to be trained. Also, the real nature of the analysed datasets must be known when evaluating the efficiency of the IDSs when detecting intrusions. Another scenario is the use of feature selection that works only if the processed datasets are labelled. In normal conditions, collecting labelled datasets from real networks is impossible. Currently, datasets are mainly labelled by implementing off-line forensic analysis, which is impractical because it does not allow real-time implementation. We have developed a novel approach to automatically generate labelled network traffic datasets using an unsupervised anomaly based IDS. The resulting labelled datasets are subsets of the original unlabelled datasets. The labelled dataset is then processed using a Genetic Algorithm (GA) based approach, which performs the task of feature selection. The GA has been implemented to automatically provide the set of metrics that generate the most appropriate intrusion detection results.
Funding
This work was supported by the Engineering and Physical Sciences Research Council (EPSRC) Grant number EP/K014307/1 and the MOD University Research Collaboration in Signal Processing.
History
School
- Mechanical, Electrical and Manufacturing Engineering
Published in
Proceedings - IEEE Military Communications Conference MILCOMPages
46 - 51Citation
APARICIO-NAVARRO, F.J., KYRIAKOPOULOS, K.G. and PARISH, D.J., 2014. Automatic dataset labelling and feature selection for intrusion detection systems. IN: Proceedings of the IEEE Military Communications Conference MILCOM 2014, pp. 46 - 51.Publisher
© IEEEVersion
- AM (Accepted Manuscript)
Publication date
2014Notes
© 2014 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.ISBN
9781479967704Publisher version
Language
- en