Identifying Reduced Features Based on IG-Threshold for DoS Attack Detection Using PART

Abstract

Benchmark datasets are available to test and evaluate intrusion detection systems. The benchmark datasets are characterized by high volume and dimensionality curse. The feature reduction plays an important role in a machine learning-based intrusion detection system to identify relevant and irrelevant features with respect to the classification. This paper proposes a method for the identification of reduced features for the classification of Denial of Service (DoS) attack. The reduced feature technique is based on Information Gain (IG) and Threshold Limit Value (TLV). The proposed approach detects DoS attack using a reduced feature set from the original feature set with PART classifier. The proposed approach is implemented and tested on CICIDS 2017 dataset. The experimentation shows improved results in terms of performance with a reduced feature set. Finally, the performance of the proposed system is compared with the original feature set.