Date Added: Jan 2011
The network traffic data provided for the design of intrusion detection always are large with ineffective information and enclose limited and ambiguous information about users' activities. The authors study the problems and propose a two phases approach in the intrusion detection design. In the first phase, they develop a correlation-based feature selection algorithm to remove the worthless information from the original high dimensional database. Next, they design an intrusion detection method to solve the problems of uncertainty caused by limited and ambiguous information. In the experiments, they choose six UCI databases and DARPA KDD99 intrusion detection data set as the evaluation tools. Empirical studies indicate that the feature selection algorithm is capable of reducing the size of data set.