A Feature Selection Method for Anomaly Detection Based on Improved Genetic Algorithm

Abstract

Since anomaly detection systems often need to handle large amounts of data, feature selection, which is an effective method for reducing data complexity, is usually applied for anomaly detection. In this paper, an improved genetic algorithm based feature selection method is proposed to obtain optimal features subset with not only considering the performance of classifier but the features generation costs. An optimal weighted nearest neighbor classifier is also adopted to improve the detection performance with the selected features. The experiment results on NSL-KDD dataset show that the proposed method achieves a better or similar performance with 99.66% detection rate and 0.70% false negative rate, when compared with that based on all features. KEYWORD: Anomaly detection; feature selection; genetic algorithm