Identifying Relevant Features of CSE-CIC-IDS2018 Dataset for the Development of an Intrusion Detection System

Intrusion detection systems (IDSs) are essential elements of IT systems. Their key component is a classification module that continuously evaluates some features of the network traffic and identifies possible threats. Its efficiency is greatly affected by the right selection of the features to be monitored. Therefore, the identification of a minimal set of features that are necessary to safely distinguish malicious traffic from benign traffic is indispensable in the course of the development of an IDS. This paper presents the preprocessing and feature selection workflow as well as its results in the case of the CSE-CIC-IDS2018 on AWS dataset, focusing on five attack types. To identify the relevant features, six feature selection methods were applied, and the final ranking of the features was elaborated based on their average score. Next, several subsets of the features were formed based on different ranking threshold values, and each subset was tried with five classification algorithms to determine the optimal feature set for each attack type. During the evaluation, four widely used metrics were taken into consideration.

Fuzzy Rule Interpolation Methods and Fri Toolbox

FRI methods are less popular in the practical application domain. One possible reason is the missing common framework. There are many FRI methods developed independently, having different interpolation concepts and features. One trial for setting up a common FRI framework was the MATLAB FRI Toolbox, developed by Johany\'ak et. al. in 2006. The goals of this paper are divided as follows: firstly, to present a brief introduction of the FRI methods. Secondly, to introduce a brief description of the refreshed and extended version of the original FRI Toolbox. And thirdly, to use different unified numerical benchmark examples to evaluate and analyze the Fuzzy Rule Interpolation Techniques (FRI) (KH, KH Stabilized, MACI, IMUL, CRF, VKK, GM, FRIPOC, LESFRI, and SCALEMOVE), that will be classified and compared based on different features by following the abnormality and linearity conditions [15].