The Study of Feature Engineering in Machine Learning and Deep Learning for Network Intrusion Detection Systems

Authors

Steven Ning, Silicon Valley Cybersecurity Institute
Khanh Nguyen, San Jose State UniversityFollow
Sohini Bagchi, San Jose State University
Younghee Park, San Jose State UniversityFollow

Publication Date

1-1-2024

Document Type

Conference Proceeding

Publication Title

2024 Silicon Valley Cybersecurity Conference, SVCC 2024

DOI

10.1109/SVCC61185.2024.10637359

Abstract

With the rise of sophisticated cyberattacks, the efficiency of intrusion detection systems becomes paramount. Machine learning (ML) and deep learning (DL) models used for intrusion detection often encounter datasets with irrelevant or redundant features, leading to low performance. To address this challenge, feature engineering techniques are important in extracting the most informative features, enabling faster and more accurate detection of malicious patterns. This paper investigates a comparative analysis of four feature engineering methods using a historical archival dataset: entropy, mutual information, chi- squared statistics, and ANOVA. By evaluating and comparing the effectiveness of these methods under different conditions of ML/DL models, this study aims to provide insights into their respective strengths and weaknesses, guiding the selection of the most suitable approach to improve the efficiency of network intrusion detection systems.

Funding Number

2244597

Funding Sponsor

National Science Foundation

Keywords

Deep Learning Models, Feature Engineering, Machine Learning Models, Network Intrusion Detection System, NSL-KDD Datasets

Department

Computer Engineering

Recommended Citation

Steven Ning, Khanh Nguyen, Sohini Bagchi, and Younghee Park. "The Study of Feature Engineering in Machine Learning and Deep Learning for Network Intrusion Detection Systems" 2024 Silicon Valley Cybersecurity Conference, SVCC 2024 (2024). https://doi.org/10.1109/SVCC61185.2024.10637359