Relevance Features Selection for Intrusion Detection

  • Adetunmbi Adebayo Olusola
  • Oladele S. Adeola
  • Oladuni Abosede Daramola
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 103)


The rapid development of business and other transaction systems over the Internet makes computer security a critical issue. In recent times, data mining and machine learning have been subjected to extensive research in intrusion detection with emphasis on improving the accuracy of detection classifier. But selecting important features from input data lead to a simplification of the problem, faster and more accurate detection rates. In this paper, we presented the relevance of each feature in KDD’99 intrusion detection dataset to the detection of each class. Rough set degree of dependency and dependency ratio of each class were employed to determine the most discriminating features for each class. Empirical results show that seven features were not relevant in the detection of any class.


Class Label Intrusion Detection Intrusion Detection System Dependency Ratio Attack Type 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. Adetunmbi AO, Alese BK, Ogundele OS, Falaki SO (2007) A data mining approach to network intrusion detection. J Comp Sci Appl 14(2):24–37Google Scholar
  2. Adetunmbi AO, Adeola OS, Daramola OA (2010) Analysis of KDD’99 Intrusion detection dataset for selection of relevance features. Lecture notes in engineering and computer science: proceedings of the world congress on engineering and computer science 2010 (WCECS 2010), vol 1, San Francisco, USA, 20–22 Oct 2010, pp 162–168Google Scholar
  3. Adetunmbi AO, Falaki SO, Adewale OS, Alese BK (2008) Intrusion detection based on rough set and k-nearest neighbour. Int J Comput ICT Res 2(1):60–66Google Scholar
  4. Ajith A, Ravi J, Johnson T, Sang YH (2005) D-SCIDS: distributed soft computing intrusion detection system. J Network Comp Appl 28(1):1–19, ElsevierCrossRefGoogle Scholar
  5. Axelsson S (1999) The base –rate fallacy and its implication for the difficulty of intrusion detection. In: Proceedings of the 6th ACM conference on computer and communication security, Singapore, pp 127–141Google Scholar
  6. Bace R, Mell P (2001) Intrusion detection system, NIST special publications SP 800. NovemberGoogle Scholar
  7. Byung-Joo K, Il-Kon K (2005) Machine Learning approach to real time intrusion detection system. In: Zhang S, Jarvis (eds) Lecture notes in artificial intelligence, vol 3809. Springer, Berlin, Heidelberg, pp 153–163Google Scholar
  8. Byunghae C, kyung WP, Jaittyun S (2005) Neural networks techniques for host anomaly intrusion detection using fixed pattern transformation in ICCSA. LNCS 3481:254–263Google Scholar
  9. Jiawei H, Micheline K (2006) Data mining concepts and techniques, 2nd ed. China Machine Press,Singapore, pp 296–303Google Scholar
  10. Kayacik HG, Zincir-Heywood AN, Heywood ML (2006) Selecting features for intrusion detection: a feature analysis on KDD 99 intrusion detection datasetsGoogle Scholar
  11. KDD Cup 1999 Data: Available:
  12. Komorowski J, Pokowski L, Skowron A (1998) Rough sets: a tutorial.
  13. Lee W, Stolfo SJ, Mok K (1999) Data mining in work flow environments: experiments in intrusion detection. In: Proceedings of the 1999 conference on knowledge discovery and data mining, 15–18 Aug 1999, San Diego, CAGoogle Scholar
  14. Mukkamala S, Janoski G, Sung A (2002) Intrusion detection using neural networks and support vector machines. In: Proceedings of IEEE international joint conference on neural networks, pp 1702–1707Google Scholar
  15. Pavel L, Patrick D, Christia S, Konrad R (2005) Learning intrusion detection: supervised or unsupervised? International conference on image analysis and processing, (ICAP). Italie 2005(3617):50–57Google Scholar
  16. Quinlan JL (1993) C4.5 program for machine learning, Morgan Kaufmam, USAGoogle Scholar
  17. Sanjay R, Gulati VP, Arun KP (2005) A fast host-based intrusion detection system using rough set theory in transactions on rough sets IV. LNCS 3700(2005):144–161Google Scholar
  18. Susan MB, Rayford BV (2000) Intrusion detection via fuzzy data mining. Proceedings of the 12th annual Canadian Information Technology Security Symposium, Ottawa, Canada, Jun 19–23, pp 109–122Google Scholar
  19. Sung AH, Mukkamala S (2003) Identifying important features for intrusion detection using support vector machines and neural networks. IEEE proceedings of the 2003 symposium on applications and the InternetGoogle Scholar
  20. Zhang L, Zhang G, YU L, Zhang J, Bai Y (2004) Intrusion detection using rough set classification. J Zhejiang Univ Sci 5(9):1076–1086CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC 2011

Authors and Affiliations

  • Adetunmbi Adebayo Olusola
    • 1
  • Oladele S. Adeola
  • Oladuni Abosede Daramola
  1. 1.Department of Computer ScienceFederal University of TechnologyAkureNigeria

Personalised recommendations