Most of the existing Intrusion Detection System (IDS) uses all the features to determine whether an input does have an intrusive pattern or otherwise. Some of these features are redundant and some have little contribution to the detection process. The purpose of this study is to identify small number of significant features that can represent most of the attack types. Here, we used Kohonen SOM to classify the input data into their respective attack categories. Empirical results indicate that generic feature subset previously obtained is not suitable to represent all the attack categories. Instead, different categories of attacks best represented using different significant feature subset.
展开▼
