A novel hybrid KPCA and SVM with GA model for intrusion detection

A novel support vector machine (SVM) model combining kernel principal component analysis (KPCA) with genetic algorithm (GA) is proposed for intrusion detection. In the proposed model, a multi-layer SVM classifier is adopted to estimate whether the action is an attack, KPCA is used as a preprocessor of SVM to reduce the dimension of feature vectors and shorten training time. In order to reduce the noise caused by feature differences and improve the performance of SVM, an improved kernel function (N-RBF) is proposed by embedding the mean value and the mean square difference values of feature attributes in RBF kernel function. GA is employed to optimize the punishment factor C, kernel parameters @s and the tube size @? of SVM. By comparison with other detection algorithms, the experimental results show that the proposed model performs higher predictive accuracy, faster convergence speed and better generalization.

[1]  Zhenguo Chen,et al.  Minimax Probability Machine Classifier with Feature Extraction by Kernel Pca for Intrusion Detection , 2008, 2008 4th International Conference on Wireless Communications, Networking and Mobile Computing.

[2]  H. Deutsch Principle Component Analysis , 2004 .

[3]  S. Srinoy,et al.  Anomaly-Based Intrusion Detection using Fuzzy Rough Clustering , 2006, 2006 International Conference on Hybrid Information Technology.

[4]  Bhavani M. Thuraisingham,et al.  A new intrusion detection system using support vector machines and hierarchical clustering , 2007, The VLDB Journal.

[5]  Qingsheng Zhu,et al.  Finding key attribute subset in dataset for outlier detection , 2011, Knowl. Based Syst..

[6]  Yinhui Li,et al.  An efficient intrusion detection system based on support vector machines and gradually feature removal method , 2012, Expert Syst. Appl..

[7]  Chih-Jen Lin,et al.  A Practical Guide to Support Vector Classication , 2008 .

[8]  Ke Liu,et al.  A Novel Approach of KPCA and SVM for Intrusion Detection , 2012 .

[9]  Haixia Xu,et al.  Adaptive Kernel Principal Analysis for Online Feature Extraction , 2009 .

[10]  Shi-Jinn Horng,et al.  A novel intrusion detection system based on hierarchical clustering and support vector machines , 2011, Expert Syst. Appl..

[11]  Hussein A. Abbass,et al.  An adaptive genetic-based signature learning system for intrusion detection , 2009, Expert Syst. Appl..

[12]  Fei Ren,et al.  Using Density-Based Incremental Clustering for Anomaly Detection , 2008, 2008 International Conference on Computer Science and Software Engineering.

[13]  S. Karthikeyan,et al.  An ensemble design of intrusion detection system for handling uncertainty using Neutrosophic Logic Classifier , 2012, Knowl. Based Syst..

[14]  Tai-Myoung Chung,et al.  Effective Value of Decision Tree with KDD 99 Intrusion Detection Datasets for Intrusion Detection System , 2008, 2008 10th International Conference on Advanced Communication Technology.

[15]  D. E. Goldberg,et al.  Genetic Algorithms in Search, Optimization & Machine Learning , 1989 .

[16]  Lekha Bhambhu,et al.  DATA CLASSIFICATION USING SUPPORT VECTOR MACHINE , 2009 .

[17]  Georgios Kambourakis,et al.  Swarm intelligence in intrusion detection: A survey , 2011, Comput. Secur..

[18]  Hu Feng-bin A novel engine identification model based on support vector machine and analysis of precision-influencing factors , 2010 .

[19]  Asifullah Khan,et al.  Combination of support vector machines using genetic programming , 2006, Int. J. Hybrid Intell. Syst..

[20]  Goldberg,et al.  Genetic algorithms , 1993, Robust Control Systems with Genetic Algorithms.

[21]  Wei-Yang Lin,et al.  Intrusion detection by machine learning: A review , 2009, Expert Syst. Appl..

[22]  Wolfgang Banzhaf,et al.  The use of computational intelligence in intrusion detection systems: A review , 2010, Appl. Soft Comput..

[23]  Roberto Battiti,et al.  Identifying intrusions in computer networks with principal component analysis , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[24]  Eleazar Eskin,et al.  Anomaly Detection over Noisy Data using Learned Probability Distributions , 2000, ICML.

[25]  Surat Srinoy,et al.  Intrusion Detection Model Based On Particle Swarm Optimization and Support Vector Machine , 2007, 2007 IEEE Symposium on Computational Intelligence in Security and Defense Applications.

[26]  Yongdae Kim,et al.  A machine learning framework for network anomaly detection using SVM and GA , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[27]  Jian Ma,et al.  A new approach to intrusion detection using Artificial Neural Networks and fuzzy clustering , 2010, Expert Syst. Appl..

[28]  Chih-Fong Tsai,et al.  A triangle area based nearest neighbors approach to intrusion detection , 2010, Pattern Recognit..