A data reduction strategy and its application on scan and backscatter detection using rule-based classifiers
V. Herrera Semenets (Advanced Technologies Application Center)
Osvaldo Andrés Pérez-García (Advanced Technologies Application Center)
Raudel Hernández-León (Advanced Technologies Application Center)
J. van den Berg (TU Delft - Information and Communication Technology, TU Delft - Cyber Security)
C. Dörr (TU Delft - Cyber Security)
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
In the last few years, the telecommunications scenario has experienced an increase in the volume of information generated, as well as in the execution of malicious activities. In order to complement Intrusion Detection Systems (IDSs), data mining techniques have begun to play a fundamental role in data analysis. On the other hand, the presence of useless information and the amount of data generated by telecommunication services (leading to a huge dimensional problem), can affect the performance of traditional IDSs. In this sense, a data preprocessing strategy is necessary to reduce data, but reducing data without affecting the accuracy of IDSs represents a challenge. In this paper, we propose a new data preprocessing strategy which reduces the number of features and instances in the training collection without greatly affecting the achieved accuracy of IDSs. Finally, our proposal is evaluated using four different rule-based classifiers, which are tested on real scan and backscatter data collected by a network telescope.