A data reduction strategy and its application on scan and backscatter detection using rule-based classifiers

Journal article (2018)

Authors

V. Herrera Semenets Advanced Technologies Application Center
Osvaldo Andrés Pérez-García Advanced Technologies Application Center
Raudel Hernández-León Advanced Technologies Application Center
Jan van den Berg Cyber Security - EEMCS ,
C. Dörr Cyber Security - EEMCS
Research Group
Cyber Security (EEMCS) (TU Delft)
Copyright: © 2018 V. Herrera Semenets, Osvaldo Andrés Pérez-García, Raudel Hernández-León, Jan van den Berg, C. Dörr
DOI
help_outline
https://doi.org/10.1016/j.eswa.2017.11.041
Data mining Backscatter Data reduction Intrusion detection Scan
More Info
expand_more

Published Date

2018

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Department

Intelligent Systems

Research Group

Cyber Security

Abstract

In the last few years, the telecommunications scenario has experienced an increase in the volume of information generated, as well as in the execution of malicious activities. In order to complement Intrusion Detection Systems (IDSs), data mining techniques have begun to play a fundamental role in data analysis. On the other hand, the presence of useless information and the amount of data generated by telecommunication services (leading to a huge dimensional problem), can affect the performance of traditional IDSs. In this sense, a data preprocessing strategy is necessary to reduce data, but reducing data without affecting the accuracy of IDSs represents a challenge. In this paper, we propose a new data preprocessing strategy which reduces the number of features and instances in the training collection without greatly affecting the achieved accuracy of IDSs. Finally, our proposal is evaluated using four different rule-based classifiers, which are tested on real scan and backscatter data collected by a network telescope.