摘要
Due to the amount of data that an IDS needs to examine is very large, it is necessary to reduce the audit features and neglect the redundant features. Therefore, we investigated the performance to reduce TCP/IP features based on the decision tree rule-based statistical method(DTRS). Its main idea is to create n decision trees in n data subsets, extract the rules, work out the relatively important features in accordance with the frequency of use of different features and demonstrate the performance of reduced features better than primary features by experimental resuits.
Due to the amount of data that an IDS needs to examine is very large, it is necessary to reduce the audit features and neglect the redundant features. Therefore, we investigated the performance to reduce TCP/IP features based on the decision tree rule-based statistical method(DTRS). Its main idea is to create n decision trees in n data subsets, extract the rules, work out the relatively important features in accordance with the frequency of use of different features and demonstrate the performance of reduced features better than primary features by experimental resuits.
基金
Supported by Natural Science Foundation of Hebei Prov-ince (F2004000133)