|
|
|
| Research on the Feasibility of TCP/IP Feature Reduction for Intrusion Detection |
| Tian Jun-feng; Wang Hui-ran; Fu Yue |
| Institute of Network Technology, Hebei University, Baoding 071002, China |
|
|
|
|
Abstract At present some Intrusion Detection Systems (IDS) use the features of TCP/IP data packets for analysis and modeling, but due to the different contribution of TCP/IP features to the detecting process a favorable impact may be made on the promotion of IDS’s detecting rate and real time if the quantity of properties can be reduced properly without affecting the precision of detection. Therefore, a Decision Tree Rule-based Statistical method (DTRS) in light of this is presented to reduce TCP/IP features. Its primary concept is to create n decision trees in n data subsets, extract the rules, work out the relatively important features in accordance with the frequency of use of different features and verify its feasibility and effectiveness through tests.
|
|
Received: 16 December 2005
|
|
|
|
|
|
|
|
|
2007, Vol. 29 
