FAFS: A Fuzzy Association Feature Selection Method for Network Malicious Traffic Detection

• Yongxin Feng,
• Yingyun Kang,
• Hao Zhang,
• Wenbo Zhang,

Vol. 14, No. 1, January 31, 2020
10.3837/tiis.2020.01.014, Download Paper (Free):

• Network security; malicious traffic detection; association rules; fuzzy inference; feature selection

Abstract

Analyzing network traffic is the basis of dealing with network security issues. Most of the network security systems depend on the feature selection of network traffic data and the de-tection ability of malicious traffic in network can be improved by the correct method of feature selection. An FAFS method, which is short for Fuzzy Association Feature Selection method, is proposed in this paper for network malicious traffic detection. Association rules, which can reflect the relationship among different characteristic attributes of network traffic data, are mined by association analysis. The membership value of association rules are obtained by the calculation of fuzzy reasoning. The data features with the highest correlation intensity in network data sets are calculated by comparing the membership values in association rules. The dimension of data features are reduced and the detection ability of malicious traffic detection algorithm in network is improved by FAFS method. To verify the effect of malicious traffic feature selection by FAFS method, FAFS method is used to select data features of different dataset in this paper. Then, K-Nearest Neighbor algorithm, C4.5 Decision Tree algorithm and Naïve Bayes algorithm are used to test on the dataset above. Moreover, FAFS method is also compared with classical feature selection methods. The analysis of experimental results show that the precision and recall rate of malicious traffic detection in the network can be signifi-cantly improved by FAFS method, which provides a valuable reference for the establishment of network security system.

Statistics

Cite this article