The purpose of this study is to identify important reduced input features in building IDS that is computationally efficient and effective. For this we investigate the performance of three standard feature selection methods using Correlation-based Feature Selection, Information Gain and Gain Ratio. NSL KDD dataset to detect attacks on the four attack categories: Probe (information gathering), DoS (denial of service), U2R (user to root) and R2L (remote to local). A constantly updated database is usually used to store the signatures of known attacks. It cannot detect new attack until trained for them. Anomaly detection attempts to identify behavior that does not conform to normal behavior. This technique is based on the detection of traffic anomalies. There are two common approaches for feature reduction. A Wrapper uses the intended learning algorithm itself to evaluate the usefulness of features, while filter evaluates features according to heuristics based on general characteristics of the data.