Anomaly Intrusions Detection Based on Support Vector Machines with an Improved Bat Algorithm

The continuous proliferation of more complex and varied security threats leads to the conclusion that new solutions are required. Intrusion Detection Systems (IDS) can be a pertinent solution because they can deal with the large volumes of log data gathered from a multitude of systems and, if based on anomaly detection, can even identify new types of attacks. In this paper we propose an IDS model with two stages: feature selection with information gain and detection with Support Vector Machines (SVM). A drawback of SVM is that its performance is influenced by its user-supplied input parameters. Therefore, to improve the classifier, we exploit the advantages of a recent Swarm Intelligence (SI) algorithm, the Bat Algorithm (BA), which we improve by enhancing its randomization with Lévy flights. We test our model on the NSL-KDD dataset and prove that it can outperform the original BA, ABC or the popular PSO.
