Abstract

Feature selection in network-level behavioural analysis studies is used to represent the network datasets of a monitored space. However, recent studies have shown that current behavioural analysis methods at the network level have several issues. The reduction of millions of instances, disregarded parameters, the removal of similarities among most of the traffic flows to reduce information noise, an insufficient number of optimised features and ignored instances which are not an entity are amongst the issues that have been identified as the main contributors to the inability to predict zero-day attacks. Therefore, this paper aims to select the optimal features that will improve the prediction and behavioural analysis. The training dataset will be trained using the embedded feature selection method, which incorporates both the filter and wrapper methods. The correlation coefficient, r, and weighted score, wj, will be used. The accepted or selected features will be optimised using Beta distribution functions, β, to find their maximum likelihood, Ɩmax. The final selected features will be trained by the Bayesian Network classifier and tested through several testing datasets. Finally, this method was compared to several other feature selection methods. The final results show that the proposed selection method's performance against other datasets consistently outperforms other methods.

Highlights

  • Behavioural analysis has become a trending research area compared to signature-based studies [1]

  • Since finding suitable algorithms for automatically extracting portions of the features from the packets is an open research question [8], this paper aims to select the optimal features that will improve the prediction and behavioural analysis

  • We implemented two feature selection methods, as shown in phase 2 of the methodology section, whereby the features training dataset and variations of the Network Socket Layer (NSL) and KDD datasets in the later operation were used in the testing dataset as well


Summary

Introduction

Behavioural analysis has become a trending research area compared to signature-based studies [1]. The author of [4] describes the behavioural analysis model as being used to discover malware adaptation tactics that are difficult to understand through static signatures. These statements have led to the discussion in this paper of the existing studies on behavioural-based analysis methods in the network environment. Feature selection in network-level behavioural analysis studies is used to represent the network dataset of a monitored space [4]. The research of [4] used Internet Protocol addresses as a feature to represent the monitored space. The author in [5], on the other hand, used the application protocol HTTP to represent his selection feature.
