Large data dimensionality is one of the issues in anomaly detection. One approach used to overcome large data dimensions is feature selection. An effective feature selection technique will produce the most relevant features and can improve the classification algorithm to detect attacks. There have been many studies on feature selection techniques, each using different methods and strategies to find the best and relevant features. In this study, a comparison of Information Gain, Gain Ratio, CFs-BestFirst and CFs-PSO Search techniques was compared. The selection features of the four techniques were further validated by the Naive Bayes classification algorithm, k-NN and J48. This study uses the ISCX CICIDS-2017 dataset. Based on the test results the feature selection techniques affect the performance of the Naive Bayes algorithm, k-NN and J48. Increasingly relevant and important features can improve detection performance. The test results also show that the number of features influences the processing / computing time. CFs-BestFirst produces a smaller number of features compared to CFs-PSO Search, Information Gain and Gain Ratio so it requires lower processing time. In addition, k-NN requires a higher processing time than Naive Bayes and J48

Feature Selection; Anomaly Detection; CICIDS-2017; Information Gain; Gain Ratio; Correlation-Based; PSO-Search

J. Zhang, H. Li, Q. Gao, H. Wang, and Y. Luo, “Detecting anomalies from big network traffic data using an adaptive detection approach,” Inf. Sci. (Ny)., vol. 318, no. August, pp. 91–110, 2015.

G. Chandrashekar and F. Sahin, “A survey on feature selection methods,” Comput. Electr. Eng., vol. 40, no. 1, pp. 16–28, 2014.

Y. Dhote, S. Agrawal, and A. J. Deen, “A Survey on Feature Selection Techniques for Internet Traffic Classification,” Proc. - 2015 Int. Conf. Comput. Intell. Commun. Networks, CICN 2015, pp. 1375–1380, 2016.

R. F. Najeeb and B. N. Dhannoon, “Classification for Intrusion Detection with Different Feature Selection Methods : A Survey ( 2014-2016),” Int. J. Adv. Res. Comput. Sci. Softw. Eng., vol. 7, no. 5, pp. 305–311, 2017.

P. R. K. Varma, V. V. Kumari, and S. S. Kumar, A Survey of Feature Selection Techniques in Intrusion Detection System: A Soft Computing Perspective, vol. 710. Springer Singapore, 2018.

S. Aljawarneh, M. Aldwairi, and M. B. Yassein, “Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model,” J. Comput. Sci., vol. 25, pp. 152–160, 2018.

M. El Boujnouni and M. Jedra, “New Intrusion Detection System Based on Support Vector Domain Description with Information Gain Metric,” Int. J. Netw. Secur., vol. 20, no. 1, pp. 25–34, 2018.

N. Araújo, “Identifying Important Characteristics in the KDD99 Intrusion Detection Dataset by Feature Selection using a Hybrid Approach,” pp. 552–558, 2010.

P. Kushwaha, H. Buckchash, and B. Raman, “Anomaly based intrusion detection using filter based feature selection on KDD-CUP 99,” IEEE Reg. 10 Annu. Int. Conf. Proceedings/TENCON, vol. 2017-Decem, pp. 839–844, 2017.

N. Sainis, “Feature Classification and Outlier Detection to Increased Accuracy in Intrusion Detection System,” Int. J. Appl. Eng. Res., vol. 13, no. 10, pp. 7249–7255, 2018.

K. A. Taher, B. M. Yasin Jisan, and M. M. Rahman, “Network Intrusion Detection using Supervised Machine Learning Technique with Feature Selection,” 2019 Int. Conf. Robot. Signal Process. Tech., pp. 643–646, 2019.

V. Zhang and L. J. Zhang, “A rule generation model using S-PSO for Misuse Intrusion Detection,” ICCASM 2010 - 2010 Int. Conf. Comput. Appl. Syst. Model. Proc., vol. 3, no. Iccasm, pp. 418–423, 2010.

A. Panigrahi and M. R. Patra, “An evolutionary computation based classification model for network intrusion detection,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 8956, pp. 318–324, 2015.

I. Sharafaldin, A. H. Lashkari, and A. A. Ghorbani, “Toward generating a new intrusion detection dataset and intrusion traffic characterization,” ICISSP 2018 - Proc. 4th Int. Conf. Inf. Syst. Secur. Priv., vol. 2018-Janua, no. Cic, pp. 108–116, 2018.

K. Goeschel, “Reducing false positives in intrusion detection systems using data-mining techniques utilizing support vector machines, decision trees, and naive Bayes for off-line analysis,” Conf. Proc. - IEEE SOUTHEASTCON, vol. 2016-July, 2016.

S. Mukherjee and N. Sharma, “Intrusion Detection using Naive Bayes Classifier with Feature Reduction,” vol. 4, pp. 119–128, 2012.

G. Serpen and E. Aghaei, “Host-based misuse intrusion detection using PCA feature extraction and kNN classification algorithms,” Intell. Data Anal., vol. 22, no. 5, pp. 1101–1114, 2018.

S. Sahu and B. M. Mehtre, “Network intrusion detection system using J48 Decision Tree,” 2015 Int. Conf. Adv. Comput. Commun. Informatics, ICACCI 2015, pp. 2023–2026, 2015.

N. F. Haq, A. R. Onik, and F. M. Shah, “An ensemble framework of anomaly detection using hybridized feature selection approach (HFSA),” IntelliSys 2015 - Proc. 2015 SAI Intell. Syst. Conf., pp. 989–995, 2015.

S. Chormunge and S. Jena, “Efficient feature subset selection algorithm for high dimensional data,” Int. J. Electr. Comput. Eng., vol. 6, no. 4, pp. 1880–1888, 2016.

P. Bereziński, B. Jasiul, and M. Szpyrka, “An entropy-based network anomaly detection method,” Entropy, vol. 17, no. 4, pp. 2367–2408, 2015.

H. EzzatIbrahim, S. M. Badr, and M. A. Shaheen, “Adaptive Layered Approach using Machine Learning Techniques with Gain Ratio for Intrusion Detection Systems,” Int. J. Comput. Appl., vol. 56, no. 7, pp. 10–16, 2012.

H. Chae and S. H. Choi, “Feature Selection for efficient Intrusion Detection using Attribute Ratio,” Int. J. Comput. Commun., vol. 8, pp. 134–139, 2014.

I. Syarif, “Feature Selection of Network Intrusion Data using Genetic Algorithm and Particle Swarm Optimization,” Emit. Int. J. Eng. Technol., vol. 4, no. 2, pp. 277–290, 2016.

A. I. Madbouly and T. M. Barakat, “Enhanced relevant feature selection model for intrusion detection systems,” Int. J. Intell. Eng. Informatics, vol. 4, no. 1, p. 21, 2016.

T. Ahmad and M. N. Aziz, “Data preprocessing and feature selection for machine learning intrusion detection systems,” ICIC Express Lett., vol. 13, no. 2, pp. 93–101, 2019.

B. Dhruba K and K. Jugal K, Network Anomaly Detection A Machine Learning Perspective. 2014.

S. Agrawal and J. Agrawal, “Survey on Anomaly Detection using Data Mining Techniques,” Procedia - Procedia Comput. Sci., vol. 60, pp. 708–713, 2015.

A. Buczak and E. Guven, “A survey of data mining and machine learning methods for cyber security intrusion detection,” IEEE Commun. Surv. Tutorials, vol. PP, no. 99, p. 1, 2015.

D. Summeet and D. Xian, Data Mining and Machine Learning in Cybersecurity. CRC Press, 2011.

S. Aljawarneh, M. B. Yassein, and M. Aljundi, “An enhanced J48 classification algorithm for the anomaly intrusion detection systems,” Cluster Comput., pp. 1–17, 2017.

R. Goel, A. Sardana, and R. C. Joshi, “Parallel Misuse and Anomaly Detection Model,” vol. 14, no. 4, pp. 211–222, 2012.

T. Garg and S. S. Khurana, “Comparison of classification techniques for intrusion detection dataset using WEKA,” Int. Conf. Recent Adv. Innov. Eng. ICRAIE 2014, 2014.

B. Cui and S. He, “Anomaly detection model based on hadoop platform and weka interface,” Proc. - 2016 10th Int. Conf. Innov. Mob. Internet Serv. Ubiquitous Comput. IMIS 2016, pp. 84–89, 2016.

A. Abd and A. Hadi, “Performance Analysis of Big Data Intrusion Detection System over Random Forest Algorithm,” Int. J. Appl. Eng. Res., vol. 13, no. 2, pp. 1520–1527, 2018.