Abstract
In order to keep fast and accurate in feature selection for network traffic anomaly detection, this paper proposes a hybrid feature selection method. Firstly, to reduce the calculation and to identify the redundant features, we regard the ratio of mutual information between features to a feature entropy as the redundancy degree of the feature. If the ratio is greater than a predefined threshold, the feature is judged as redundant and will be deleted from the feature set. Secondly, based on the feature set whose redundant features have been removed, this method uses the ratio of the anomaly detection accuracy after and before delete one feature from the feature set to measure the effect of the feature on detection. Then, the features are sorted in ascending order of the ratio and the top k features with the highest detection accuracy are selected as the result. Experimental results show that the proposed method can quickly screen out a feature subset with good detection performance and lower dimensions.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
