American Journal of Applied Sciences

From Feature Selection to Building of Bayesian Classifiers: A Network Intrusion Detection Perspective

Kok-Chin Khor, Choo-Yee Ting and Somnuk-Phon Amnuaisuk

DOI : 10.3844/ajassp.2009.1948.1959

American Journal of Applied Sciences

Volume 6, Issue 11

Pages 1948-1959

Abstract

Problem statement: Implementing a single or multiple classifiers that involve a Bayesian Network (BN) is a rising research interest in network intrusion detection domain. Approach: However, little attention has been given to evaluate the performance of BN classifiers before they could be implemented in a real system. In this research, we proposed a novel approach to select important features by utilizing two selected feature selection algorithms utilizing filter approach. Results: The selected features were further validated by domain experts where extra features were added into the final proposed feature set. We then constructed three types of BN namely, Naive Bayes Classifiers (NBC), Learned BN and Expert-elicited BN by utilizing a standard network intrusion dataset. The performance of each classifier was recorded. We found that there was no difference in overall performance of the BNs and therefore, concluded that the BNs performed equivalently well in detecting network attacks. Conclusion/Recommendations: The results of the study indicated that the BN built using the proposed feature set has less features but the performance was comparable to BNs built using other feature sets generated by the two algorithms.

Copyright

© 2009 Kok-Chin Khor, Choo-Yee Ting and Somnuk-Phon Amnuaisuk. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.