A new dependency and correlation analysis for features

Guangzhi Qu, Salim Hariri, Mazin Yousif

Research output: Contribution to journalArticlepeer-review

114 Scopus citations


The quality of the data being analyzed is a critical factor that affects the accuracy of data mining algorithms. There are two important aspects of the data quality, one is relevance and the other is data redundancy. The inclusion of irrelevant and redundant features in the data mining model results in poor predictions and high computational overhead. This paper presents an efficient method concerning both the relevance of the features and the pairwise features correlation in order to improve the prediction and accuracy of our data mining algorithm. We introduce a new feature correlation metric QY(X i, Xj) and feature subset merit measure e(S) to quantify the relevance and the correlation among features with respect to a desired data mining task (e.g., detection of an abnormal behavior in a network service due to network attacks). Our approach takes into consideration not only the dependency among the features, but also their dependency with respect to a given data mining task. Our analysis shows that the correlation relationship among features depends on the decision task and, thus, they display different behaviors as we change the decision task. We applied our data mining approach to network security and validated it using the DARPA KDD99 benchmark data set. Our results show that, using the new decision dependent correlation metric, we can efficiently detect rare network attacks such as User to Root (U2R) and Remote to Local (R2L) attacks. The best reported detection rates for U2R and R2L on the KDD99 data sets were 13.2 percent and 8.4 percent with 0.5 percent false alarm, respectively. For U2R attacks, our approach can achieve a 92.5 percent detection rate with a false alarm of 0.7587 percent For R2L attacks, our approach can achieve a 92.47 percent detection rate with a false alarm of 8.35 percent.

Original languageEnglish (US)
Pages (from-to)1199-1206
Number of pages8
JournalIEEE Transactions on Knowledge and Data Engineering
Issue number9
StatePublished - Sep 2005


  • Correlation measure
  • Feature extraction

ASJC Scopus subject areas

  • Information Systems
  • Computer Science Applications
  • Computational Theory and Mathematics


Dive into the research topics of 'A new dependency and correlation analysis for features'. Together they form a unique fingerprint.

Cite this