The Discretization Algorithm for Rough Data and Its Application to Intrusion Detection

The data processed by intrusion detection systems usually is vague, uncertainty, imprecise and incomplete. Rough Set theory is one of the best methods to process this kind of data. But Rough Set theory can only process some discrete data. So the data with continuous numerical attributes must be discretized before they are used. Some current discretization algorithms are classified and reviewed in detail. The mathematical descriptions of the discretization problem and intrusion detection are given by means of Rough Set theory. By fusing Rough Set theory with entropy theory we propose a simple and fast discretization algorithm based on information loss. The algorithm is applied to different samples with the same attributes from KDDcup99 and intrusion detection systems. The discretized data is used to reduce attributes so as to relieve the payload of intrusion detection systems. The experimental results show that the proposed discretization algorithm is sensitive to the initial samples only for part of all condition attributes. But the algorithm dose not compromise the effect of intrusion detection and it improves the response performance of the intrusion detection model remarkably.