Random forest

Linguistics

Philosophy

Information gain

Support vector machine

Statistical classification

Anomaly detection

Data mining

Computer science

Anomaly (physics)

C4.5 algorithm

Outlier

Physics

Naive Bayes classifier

Pattern recognition (psychology)

Data pre-processing

Feature selection

Feature (linguistics)

Information gain ratio

Condensed matter physics

Artificial intelligence

Intrusion detection system

Machine learning

Preprocessor

IEEE Access

Feature selection (FS) is one of the important tasks of data preprocessing in data analytics. The data with a large number of features will affect the computational complexity, increase a huge amount of resource usage and time consumption for data analytics. The objective of this study is to analyze relevant and significant features of huge network traffic to be used to improve the accuracy of traffic anomaly detection and to decrease its execution time. Information Gain is the most feature selection technique used in Intrusion Detection System (IDS) research. This study uses Information Gain, ranking and grouping the features according to the minimum weight values to select relevant and significant features, and then implements Random Forest (RF), Bayes Net (BN), Random Tree (RT), Naive Bayes (NB) and J48 classifier algorithms in experiments on CICIDS-2017 dataset. The experiment results show that the number of relevant and significant features yielded by Information Gain affects significantly the improvement of detection accuracy and execution time. Specifically, the Random Forest algorithm has the highest accuracy of 99.86% using the relevant selected features of 22, whereas the J48 classifier algorithm provides an accuracy of 99.87% using 52 relevant selected features with longer execution time.

CICIDS-2017 Dataset Feature Analysis With Information Gain for Anomaly Detection