Anomaly Detection based on Machine Learning Dimensionality Reduction using PCA and Classification using SVM

Anomaly detection has emerged as an important technique in many application areas, mainly for network security. Anomaly detection based on machine learning algorithms, treated as a classification problem on network data, is presented here. Dimensionality reduction and classification algorithms are explored and evaluated using the KDD99 dataset for network IDS. Principal Component Analysis (PCA) for dimensionality reduction and Support Vector Machine (SVM) for classification are applied to network data and the results are analysed. The results show that the execution time for classification decreases as we reduce the dimension of the input data, and the precision and recall values of the classification algorithm show that the SVM with PCA method is more accurate, as the number of misclassifications decreases.
