SUST Repository

Impact of Features Reduction on the Performance of Anomaly Detection Algorithms

Show simple item record

dc.contributor.author Ibrahim, Reem Mohammed
dc.contributor.author Supervisor - Mohamed Awad Elshaikh
dc.date.accessioned 2014-04-20T12:15:32Z
dc.date.available 2014-04-20T12:15:32Z
dc.date.issued 2013-08-01
dc.identifier.citation Ibrahim,Reem Mohammed.Impact of Features Reduction on the Performance of Anomaly Detection Algorithms/ Reem Mohammed Ibrahim؛ Mohamed Awad Elshaikh-Khartoum : sudan university of science and technology, computer science,2013.-77p:ill;28cm.-M.Sc. en_US
dc.identifier.uri http://repository.sustech.edu/handle/123456789/4565
dc.description Thesis en_US
dc.description.abstract Intrusion detection is an exemplary method designed to monitor the actions happening in a network. Then analyze them for suspected patterns that may identify a network or system violation from someone trying to penetrate and endanger the system. So an Intrusion Detection System (IDS) is software which is applied automatically as a procedure to stop the penetration and attacks of the intruders. It is applied as either Signature recognition or Anomaly detection methodologies. Most of existing IDS required reduction technique in order to minimize the features of data which is irrelevant or redundant. This is needed in case of high dimensionality in network traffic. It is also known that the reduction technique helps the classification algorithms to be very effective. As for the Classification, it achieves and executes the intrusion detection job practically. We realize that Kernel Principal Component Analysis (KPCA) is recognized as a robustification reduction method for standard Principal Component Analysis (PCA) [34]. This research adopts an optimal anomaly detection method to detect multivariate attacks. This method is going to be achieved by measuring the performance of different functions of KPCA as a reduction method applied to different classification algorithms to find out which function of KPCA is the best with any algorithm. Consequently we show that KPCA's methods will not always outperform standard PCA. The final detection's performance, in fact depends on the used classification algorithm. The experiments with NSL-KDD data set demonstrate that the adopted method achieves 98.048% in detection rate and 98.261% in precision with 1.484% false positive rate, consequently outperforms all the other methods. Moreover the results prove that [PCA & K-Nearest Neighbor] outperform [KPCA (Gaussian) & K-Nearest Neighbor] and [KPCA (Quadratic) & K-Nearest Neighbor]. In addition [PCA and Discriminant Analysis] outperform [KPCA (Quadratic) & Discriminant Analysis]. en_US
dc.description.sponsorship sudan university of science and technology en_US
dc.language.iso en_US en_US
dc.publisher sudan university of science and technology en_US
dc.subject Algorithms en_US
dc.subject Anomaly en_US
dc.subject IDS en_US
dc.title Impact of Features Reduction on the Performance of Anomaly Detection Algorithms en_US
dc.title.alternative تأثير تقليل الخصائص في أداء خوارزميات اكتشاف الشواذ en_US
dc.type Thesis en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Share

Search SUST


Browse

My Account