Intrusion Detection System Based on Feature Selection and Support Vector Machine

Support vector machine (SVM) has been applied to intrusion detection system (IDS) for its abilities to perform classification and regression. But for large-scale network intrusion detection problem, since solving a support vector machine is a typical quadratic optimization problem, which is influenced by the dimension and quantity of examples, many problems arise. KDDCUP'99 was used as the experiment dataset in this paper. A feature selection technology based on Fisher score was presented and used to construct a reduced feature subset of KDDCUP'99 dataset. SVM was used as a classifier. Experiment was run. The experiment results show, using Fisher score combined with SVM to select the important features is an effective method to reduce the dimension of the example feature space, and the classification accuracy has not dramatically decreased comparing to the original feature space.

[1]  Peng Xinguang IDS Evaluation Approach Based on DET Curves , 2008 .

[2]  Motoaki Kawanabe,et al.  Clustering with the Fisher Score , 2002, NIPS.

[3]  Corinna Cortes,et al.  Support-Vector Networks , 1995, Machine Learning.

[4]  Kuo-Chen Chou,et al.  Bio-support vector machines for computational proteomics , 2004, Bioinform..

[5]  Guodong Guo,et al.  Content-based audio classification and retrieval by support vector machines , 2003, IEEE Trans. Neural Networks.

[6]  B. Ripley,et al.  Pattern Recognition , 1968, Nature.

[7]  Andrew H. Sung,et al.  Intrusion detection using neural networks and support vector machines , 2002, Proceedings of the 2002 International Joint Conference on Neural Networks. IJCNN'02 (Cat. No.02CH37290).

[8]  Pat Langley,et al.  Selection of Relevant Features and Examples in Machine Learning , 1997, Artif. Intell..