Research On Network Intrusion Detection Based On Data Mining

Posted on: 2011-02-11
Degree: Master
Type: Thesis
Country: China
Candidate: X Wang
GTID: 2178360308473008
Subject: Computer software and theory

Abstract/Summary:
As networks have progressed, the importance of security has become more and more obvious, and the traditional security device, the firewall, has difficulty protecting network security alone. However, current intrusion detection systems lack effectiveness, adaptability and extensibility, and they are especially ineffective at detecting new kinds of attacks. To address these shortcomings, this thesis takes a data-centric view of IDS and builds an intrusion detection model by mining audit data. The data that an intrusion detection system processes contains many redundant and noisy features, which cause slow training and testing, high resource consumption and a poor detection rate. Feature selection can eliminate redundant and noisy features well. To improve the performance of intrusion detection systems in terms of detection speed and detection rate, a survey of intrusion detection systems based on feature selection is therefore necessary, and it also conforms to the trend in the field of intrusion detection.

An intrusion detection system model based on filter-model feature selection is introduced in the thesis. The Chi-square, information gain and FCBF algorithms are each used to select features, and a decision tree algorithm is used as the classification approach. The author examined the feasibility of the feature selection algorithms by conducting several experiments on the KDD CUP'99 intrusion detection dataset, which is categorized into DoS, PROBE, R2L and U2R.

The experimental results show that, for each type of attack, an intrusion detection system combined with the feature selection algorithms proposed in the paper performs better than one without feature selection in terms of building time, testing time, detection of known attacks and detection of unknown attacks.
Keywords/Search Tags: intrusion detection, data mining, feature selection, decision tree
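As an added illustration (not code from the thesis), the sketch below applies two of the filter-model selectors named in the abstract, information gain ranking and a simplified FCBF redundancy filter, to a handful of connection records. The records are constructed: the feature names follow KDD CUP'99, but the values and labels are invented, and all function names are assumptions made for this example.

```python
import math
from collections import Counter

# Constructed sample: KDD CUP'99 feature names, invented values and labels.
FEATURES = ["protocol_type", "service", "flag", "land"]
RECORDS = [
    ("tcp", "http",     "SF",  "0", "normal"),
    ("tcp", "http",     "SF",  "0", "normal"),
    ("udp", "domain_u", "SF",  "0", "normal"),
    ("tcp", "smtp",     "SF",  "0", "normal"),
    ("tcp", "http",     "S0",  "0", "dos"),
    ("tcp", "http",     "REJ", "0", "dos"),
    ("tcp", "private",  "REJ", "0", "probe"),
    ("tcp", "private",  "REJ", "0", "probe"),
]
LABELS = [r[-1] for r in RECORDS]

def column(name):
    i = FEATURES.index(name)
    return [r[i] for r in RECORDS]

def entropy(values):
    n = len(values)
    return -sum(c / n * math.log2(c / n) for c in Counter(values).values())

def info_gain(xs, ys):
    """IG(Y; X) = H(Y) - H(Y | X) for two discrete columns."""
    n = len(xs)
    cond = sum(c / n * entropy([y for x, y in zip(xs, ys) if x == v])
               for v, c in Counter(xs).items())
    return entropy(ys) - cond

def sym_uncertainty(xs, ys):
    """SU = 2 * IG / (H(X) + H(Y)), the correlation measure FCBF uses."""
    denom = entropy(xs) + entropy(ys)
    return 2 * info_gain(xs, ys) / denom if denom else 0.0

def rank_by_info_gain():
    return sorted(FEATURES, key=lambda f: info_gain(column(f), LABELS), reverse=True)

def fcbf(threshold=0.0):
    """Keep class-relevant features; drop one if a stronger kept feature
    correlates with it at least as much as it correlates with the class."""
    su_c = {f: sym_uncertainty(column(f), LABELS) for f in FEATURES}
    ordered = sorted((f for f in FEATURES if su_c[f] > threshold),
                     key=su_c.get, reverse=True)
    kept = []
    for f in ordered:
        if all(sym_uncertainty(column(g), column(f)) < su_c[f] for g in kept):
            kept.append(f)
    return kept

if __name__ == "__main__":
    print(rank_by_info_gain(), fcbf())
```

On this sample, information gain only orders the four features, while the FCBF pass discards `land` as irrelevant (it is constant) and `protocol_type` as redundant with `flag`, leaving two features for a downstream classifier such as a decision tree.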