• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Security and Communication Networks (Online) >LAWRA: a layered wrapper feature selection approach for network attack detection
【24h】

LAWRA: a layered wrapper feature selection approach for network attack detection

机译:LAWRA:用于网络攻击检测的分层包装器功能选择方法

获取原文
获取外文期刊封面目录资料
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

The feature selection phase in network attack detection is mostly classifier based, while clustering techniques are used for labeling and creating compact training datasets. Because clustering finds natural groupings in the data, in this paper, a clustering‐based layered wrapper feature selection approach, LAWRA, has been proposed for selecting appropriate features for attack detection. The existing layered feature selection approaches in attack detection are unable to give results with high precision and recall because of the dependence on classifier accuracy, fitness value, and so on. Hence, in this paper, LAWRA uses external cluster validity indices, F‐measure, and Fowlkes–Mallows index, for feature selection. The two indices are the harmonic and geometric mean of precision and recall, respectively. Each index identifies features that give high precision and high recall of the attack detection algorithm. The first layer of LAWRA identifies the feature subset that best distinguishes between normal and attack instances and the second layer identifies the best cooperating features using cooperative game theory. Experiments have been conducted on NSL‐KDD dataset, and LAWRA has been compared with the existing approaches using different classifiers. The results show that LAWRA gives better overall accuracy and F‐measure value than the other approaches. Copyright ? 2015 John Wiley & Sons, Ltd. LAWRA, a clustering‐based layered wrapper feature selection approach, has been proposed for selecting appropriate features for attack detection. LAWRA uses two external cluster validity indices, F‐measure and Fowlkes‐Mallows index, for feature selection. F‐measure and Fowlkes–Mallows index are the harmonic and geometric mean of precision and recall, respectively. LAWRA has been compared with the existing approaches using different classifiers on NSL‐KDD dataset. The results show that LAWRA gives better overall accuracy and F‐measure value than the other approaches.
机译:网络攻击检测中的特征选择阶段主要基于分类器,而聚类技术则用于标记和创建紧凑的训练数据集。由于聚类可以在数据中找到自然的分组,因此,本文提出了一种基于聚类的分层包装器特征选择方法LAWRA,用于为攻击检测选择合适的特征。由于依赖于分类器准确性,适应度值等,攻击检测中现有的分层特征选择方法无法给出高精度和召回率的结果。因此,在本文中,LAWRA使用外部聚类有效性指数F-measure和Fowlkes-Mallows指数进行特征选择。这两个指标分别是精度和召回率的谐波平均值和几何平均值。每个索引都标识可为攻击检测算法提供高精度和高召回性的功能。 LAWRA的第一层确定可以最佳区分正常实例和攻击实例的特征子集,第二层使用协作博弈理论确定最佳的协作特征。已经在NSL-KDD数据集上进行了实验,并将LAWRA与使用不同分类器的现有方法进行了比较。结果表明,LAWRA比其他方法具有更好的总体准确性和F度量值。版权? 2015年John Wiley&Sons,Ltd. LAWRA被提出,它是一种基于群集的分层包装器特征选择方法,用于为攻击检测选择合适的特征。 LAWRA使用两个外部聚类有效性指数F-measure和Fowlkes-Mallows指数进行特征选择。 F测量和Fowlkes-Mallows指数分别是精度和召回率的谐波和几何平均值。在NSL-KDD数据集上,使用不同分类器将LAWRA与现有方法进行了比较。结果表明,LAWRA比其他方法具有更好的总体准确性和F度量值。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号