Analyzing ANOVA F-test and Sequential Feature Selection for Intrusion Detection Systems

An Intrusion Detection System (IDS) helps the computer system notify an admin when an attack is coming to a network. However, some problems may delay this process, such as a long time caused by several features in the captured data to classify. One of the optimization approaches is to select those critical features. It is intended to increase performance and reduce computational time. This research evaluates feature selection methods using the ANOVA F-test and Sequential Feature Selection (SFS), whose performance is measured using some metrics: accuracy, specificity, and sensitivity over NSL-KDD, Kyoto2006, and UNSW_NB15 datasets. Using that approach, the performance increases, on average, by more than 10% for multiclass; and about 5% for binary class. It can be inferred that an optimal number of features can be obtained, where the best features are selected by SFS. Nevertheless, this method still needs to be improved before being implemented in a real system.