Feature Reduction for Intrusion Detection Using Linear Discriminant Analysis

Intrusion detection is one of core technologies of computer security. It is required to protect the security of computer network systems. Most of existing IDs use all features in the network packet to look for known intrusive patterns. Some of these features are irrelevant or redundant. A well-defined feature extraction algorithm makes the classification process more effective and efficient. The Feature extraction step aims at representing patterns in a feature space where the highest discrimination between legitimate and attack patterns is attained. The Classification step perform the intrusion detection task either by alerting if an observed pattern is described by an attack patterns model, usually called signature or misuse-based IDS, or by alerting if it is not described by a model of legitimate activity, usually called anomaly-based IDs.In this paper, Linear Discriminant Analysis algorithm is used to extraction of features for detecting intrusions and Back Propagation Algorithm is used for classification of attacks. Tests are done on NSL-KDD dataset which is improved version of KDD-99 data set. Results showed that the proposed model gives better and robust representation as it is able to transform features resulting in great data reduction, time reduction and error reduction in detecting new attacks.