The Scientific World Journal

Research Article

Fusion of Heterogeneous Intrusion Detection Systems for Network Attack Detection

Table 2

Most relevant features for each attack and information gain measures.
Attack typeAttack patternIgsum valueVarious combination of features giving high information gain value
PROBEipsweep0.822, 3, 5, 12, 13, 14, 16, 17, 21, 23, 24, 25, 28, 31, 32, 33, 37, 38
nmap0.271, 2, 3, 5, 18, 21, 22, 28, 29, 31, 32, 34, 35, 36, 37
portsweep0.583, 4, 10, 24, 27, 29, 34, 35, 36, 37, 41
satan0.751, 3, 5, 11, 15, 19, 23, 24, 25, 27, 28, 29, 30, 31, 32, 35, 39, 40, 41
mscan1.111, 3, 4, 5, 7, 12, 17, 21, 25, 27, 28, 29, 31, 33, 35, 39, 40, 41
saint0.331, 5, 7, 12, 16, 24, 25, 29, 32, 33, 34, 35, 37, 38, 40
DOSback0.381, 2, 4, 5, 6, 10, 11, 12, 13, 15, 17, 18, 21, 22, 23, 26, 27, 28, 30, 31, 34, 35, 37, 41
land0.00091, 2, 3, 4, 7, 13, 18, 25, 29, 35, 38
neptune7.731, 3, 4, 5, 6, 7, 13, 15, 17, 19, 20, 26, 28, 29, 30, 31, 33, 34, 35, 38, 39
pod0.0522, 3, 5, 7, 8, 9, 10, 11, 17, 19, 21, 23, 26, 33, 34, 39, 40
smurf0.682, 3, 5, 8, 17, 23, 24, 25, 26, 29, 33, 35, 36, 38, 39
teardrop0.273, 4, 5, 6, 8, 10, 13, 23, 24, 25, 26, 32, 34, 35, 36, 37, 39, 40
U2RBuffer_overflow0.00861, 2, 3, 5, 6, 7, 8, 9, 10, 14, 21, 23, 29, 30, 31, 32, 33, 36, 38, 39, 40
loadmodule0.00581, 2, 3, 4, 7, 8, 14, 27, 36, 39, 40
rootkit0.00353, 6, 9, 11, 13, 14, 16, 17, 18, 23, 28, 31, 32, 33, 34, 35, 37, 39, 41
R2Lguess_passwd0.0252, 3, 4, 6, 9, 10, 11, 13, 14, 17, 21, 23, 24, 37, 38, 39, 40, 41
imap0.00353, 4, 5, 6, 10, 12, 20, 23, 25, 27, 29, 30, 3233, 34, 36, 38, 39, 41
multihop0.00243, 4, 10, 12, 13, 14, 16, 17, 18, 19, 22, 26, 27, 30, 35, 37
phf0.00213, 4, 6, 8, 9, 10, 13, 14, 19, 28, 29, 36
spy0.00032, 3, 4, 5, 9, 15, 18, 22, 16, 39
warezclient0.213, 4, 5, 6, 10, 12, 14, 16, 24, 27, 28, 29, 30, 32, 33, 34, 35, 37, 38, 39, 40, 41
warezmaster0.0081, 2, 3, 4, 6, 12, 13, 14, 16, 17, 19, 22, 23, 24, 31, 35, 36, 37, 39
Normal11.961, 2, 3, 4, 5, 6, 7, 15, 23, 24, 14, 15, 19, 20, 21, 23, 25, 26, 27, 28, 30, 32, 33, 34, 36, 37, 38