Improving accuracy of intrusion detection model using PCA and optimized SVM

Cited by: 33
Authors
Ikram S.T. [1]
Cherukuri A.K. [2]
Affiliations
[1] School of Computing Science and Engineering, VIT University, Kelambakkam Road, Chennai
[2] School of Information Technology and Engineering, VIT University, Near Katpadi Rd, Vellore, Tamil Nadu
Keywords
Cross validation; Dimensionality reduction; Intrusion detection system; Principal component analysis; Radial basis function kernel; Support vector machine;
DOI
10.20532/cit.2016.1002701
Abstract
Intrusion detection is very essential for providing security to different network domains and is mostly used for locating and tracing the intruders. There are many problems with traditional intrusion detection models (IDS) such as low detection capability against unknown network attack, high false alarm rate and insufficient analysis capability. Hence the major scope of the research in this domain is to develop an intrusion detection model with improved accuracy and reduced training time. This paper proposes a hybrid intrusion detection model by integrating the principal component analysis (PCA) and support vector machine (SVM). The novelty of the paper is the optimization of kernel parameters of the SVM classifier using automatic parameter selection technique. This technique optimizes the punishment factor (C) and kernel parameter gamma (γ), thereby improving the accuracy of the classifier and reducing the training and testing time. The experimental results obtained on the NSL-KDD and gurekddcup dataset show that the proposed technique performs better with higher accuracy, faster convergence speed and better generalization. Minimum resources are consumed as the classifier input requires reduced feature set for optimum classification. A comparative analysis of hybrid models with the proposed model is also performed.
Pages: 133-148
Page count: 15