http://dx.doi.org/10.3837/tiis.2020.01.014

FAFS: A Fuzzy Association Feature Selection Method for Network Malicious Traffic Detection  

Feng, Yongxin (School of Information Science and Engineering, Shenyang Ligong University)
Kang, Yingyun (School of Information Science and Engineering, Shenyang Ligong University)
Zhang, Hao (School of Information Science and Engineering, Shenyang Ligong University)
Zhang, Wenbo (School of Information Science and Engineering, Shenyang Ligong University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.14, no.1, 2020, pp. 240-259
Abstract
Analyzing network traffic is the basis for dealing with network security issues. Most network security systems depend on feature selection over network traffic data, and the ability to detect malicious traffic in a network can be improved by a correct feature selection method. This paper proposes FAFS, short for Fuzzy Association Feature Selection, a method for network malicious traffic detection. Association rules, which reflect the relationships among different characteristic attributes of network traffic data, are mined by association analysis. The membership values of the association rules are obtained by fuzzy reasoning. The data features with the highest correlation intensity in network data sets are calculated by comparing the membership values of the association rules. The FAFS method reduces the dimension of the data features and improves the detection ability of malicious traffic detection algorithms in the network. To verify the effect of malicious traffic feature selection by FAFS, the method is used to select data features from different datasets. The K-Nearest Neighbor, C4.5 Decision Tree and Naïve Bayes algorithms are then tested on those datasets. FAFS is also compared with classical feature selection methods. Analysis of the experimental results shows that the precision and recall rate of malicious traffic detection in the network can be significantly improved by the FAFS method, which provides a valuable reference for the establishment of a network security system.
Keywords
Network security; malicious traffic detection; association rules; fuzzy inference; feature selection