Design and Performance Evaluation of a Machine Learning-Based Method for Intrusion Detection

In addition to intrusion prevention, intrusion detection is a critical process for network security. The task of intrusion detection is to identify whether a network connection record represents normal or abnormal behavior. This is a classification problem that can be addressed using machine learning techniques. Commonly used techniques include supervised learning, such as Support Vector Machine (SVM) classification, and unsupervised learning, such as clustering with Ant Colony Optimization (ACO). In this paper, we describe a new approach that combines SVM and ACO to take advantage of both approaches while overcoming their drawbacks. We call the new method Combining Support Vectors with Ant Colony (CSVAC). Our experimental results on a benchmark data set show that the new approach was better than or at least comparable with pure SVM and pure ACO on the performance measures.
