Development of IDS Using Supervised Machine Learning

  • Indrajeet KumarEmail author
  • Noor Mohd
  • Chandradeep Bhatt
  • Shashi Kumar Sharma
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 1154)


In the era of modern lifestyle, the internet and networking are essential things for everyone. With the help these facilities everyone can exchange information between intranet and internet-connected people. During the information exchange, so many intermediate devices are involved, so that the security of information or data is primary concern for each and every involved system. Attackers or intruders belong to inside the network or outside of the network. To detect an intruder or attacker an intrusion detection system (IDS) has been proposed for the detection of normal and attack data packets for a network. In this work, KDD-99 dataset is used for the development of IDS. A total set of 32,640 samples are considered, in which 12,440 samples of normal and 20,200 samples of attack class are used. These samples are further bifurcated into training and testing set in balanced manner. Thus, 16,320 samples (normal: 6220 and attack: 10,100) are used for training set and same number of set is used for the testing set. For the supervised learning, SVM and kNN classifiers are used to differentiate between normal data packets and attack data packets with PCA as dimensionality reduction. After the successful completion of experiments, it has been found that PCA-kNN yields maximum accuracy of 90.07% at pc value of 5 using cosine distance.


Intrusion detection system Supervised learning SVM classifier kNN classifier Principal component analysis 


  1. 1.
    Endorf, C., Schultz, E., Mellander, J.: Intrusion Detection & Prevention. McGraw-Hill, Osborne Media (2004). ISBN: 0072229543Google Scholar
  2. 2.
    Anderson, J.P.: Computer security threat monitoring and surveillance. In: James, P. (eds) Technical Report. Anderson Company (1980)Google Scholar
  3. 3.
    Denning, D.E.: An intrusion-detection model. IEEE Trans. Softw. Eng. 2, 222–232 (1987)CrossRefGoogle Scholar
  4. 4.
    Verwoerd, T., Hunt, R.: Intrusion detection techniques and approaches. Comput. Commun. 25(15), 1356–1365 (2002)CrossRefGoogle Scholar
  5. 5.
    Khan, S., Loo, J., Din, U.Z.: Framework for intrusion detection in IEEE 802.11 wireless mesh networks. Int. Arab J. Inf. Technol. 7(4), 435–440 (2017)Google Scholar
  6. 6.
    Abraham, A., Grosan, C., Martin-Vide, C.: Evolutionary design of intrusion detection programs. IJ Netw. Secur. 4(3), 328–339 (2007)Google Scholar
  7. 7.
    Tiwari, A., Ojha, S.K.: Design and analysis of intrusion detection system via neural Network, SVM, and neuro-fuzzy. In: Emerging Technologies in Data Mining and Information Security, pp. 49–63. Springer, Singapore (2019)Google Scholar
  8. 8.
    Abraham, A., Jain, R., Thomas, J., Han, S.Y.: D-SCIDS: distributed soft computing intrusion detection system. J. Netw. Comput. Appl. 30(1), 81–98 (2007)CrossRefGoogle Scholar
  9. 9.
    Roman, R., Zhou, J., Lopez, J.: Applying intrusion detection systems to wireless sensor networks. In: IEEE Consumer Communications & Networking Conference (CCNC 2006) (2006)Google Scholar
  10. 10.
    Karataş, F., Korkmaz, S.A.: Big data: controlling fraud by using machine learning libraries on spark. Int. J. Appl. Math. Electron. Comput. 6(1), 1–5 (2018)CrossRefGoogle Scholar
  11. 11.
    Peng, K., Leung, V.C., Huang, Q.: Clustering approach based on mini batch K-means for intrusion detection system over big data. IEEE Access (2018)Google Scholar
  12. 12.
    Anuar, N.B., Sallehudin, H., Gani, A., Zakaria, O.: Identifying false alarm for network intrusion detection system using hybrid data mining and decision tree. Malaysian J. Comput. Sci. 21(2), 101–115 (2008)CrossRefGoogle Scholar
  13. 13.
    Golovko, V., Kochurko, P.: Intrusion recognition using neural networks. In: 2005 IEEE Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, pp. 108–111. IEEE (2005)Google Scholar
  14. 14.
    Tian, S., Yu, J., Yin, C.: Anomaly detection using support vector machines. In: International Symposium on Neural Networks, pp. 592–597. Springer, Berlin (2004)Google Scholar
  15. 15.
    Chen, W.H., Hsu, S.H., Shen, H.P.: Application of SVM and ANN for intrusion detection. Comput. Oper. Res. 32(10), 2617–2634 (2005)CrossRefGoogle Scholar
  16. 16.
    Belouch, M., El Hadaj, S., Idhammad, M.: Performance evaluation of intrusion detection based on machine learning using Apache Spark. Proc. Comput. Sci. 1(127), 1–6 (2018)CrossRefGoogle Scholar
  17. 17.
    Li, Y., Parker, L.E.: Intruder detection using a wireless sensor network with an intelligent mobile robot response. In: IEEE Southeast Con 2008, pp. 37–42. IEEEGoogle Scholar
  18. 18.
    Peng, K., Leung, V., Zheng, L., Wang, S., Huang, C., Lin, T.: Intrusion detection system based on decision tree over big data in fog environment. Wirel. Commun. Mobile Comput (2018)Google Scholar
  19. 19.
    Ye, K.: Key feature recognition algorithm of network intrusion signal based on neural network and support vector machine. Symmetry 11(3), 380 (2019)CrossRefGoogle Scholar
  20. 20.
    Kalaivani, S., Vikram, A., Gopinath, G.: An effective swarm optimization based intrusion detection classifier system for cloud computing. In: 2019 5th International Conference on Advanced Computing & Communication Systems (ICACCS), pp. 185–188. IEEE (2019)Google Scholar
  21. 21.
    Taher, K.A., Jisan, B.M., Rahman, M.M.: Network intrusion detection using supervised machine learning technique with feature selection. In: 2019 International Conference on Robotics, Electrical and Signal Processing Techniques (ICREST), pp. 643–646. IEEE (2019)Google Scholar
  22. 22.
    Kim, J., Kim, J., Thu, H.L., Kim, H.: Long short term memory recurrent neural network classifier for intrusion detection. In: 2016 International Conference on Platform Technology and Service (PlatCon), pp. 1–5. IEEE (2016)Google Scholar
  23. 23.
    Al-Qatf, M., Lasheng, Y., Al-Habib, M., Al-Sabahi, K.: Deep learning approach combining sparse autoencoder with SVM for network intrusion detection. IEEE Access 12(6), 52843–52856 (2018)CrossRefGoogle Scholar
  24. 24.
    Yin, C., Zhu, Y., Fei, J., He, X.: A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 12(5), 21954–21961 (2017)CrossRefGoogle Scholar
  25. 25.
    Bay, S.D., Kibler, D.F., Pazzani, M.J., Smyth, P.: The UCI KDD archive of large data sets for data mining research and experimentation. SIGKDD Explor. 2(2), 81–85 (2000)CrossRefGoogle Scholar
  26. 26.
    Cup, K.D.: Dataset, p. 72. Available at the following website (1999)
  27. 27.
    Kumar, I., Virmani, J., Bhadauria, H.S., Panda, M.K.: Classification of breast density patterns using PNN, NFC, and SVM classifiers. In: Soft Computing Based Medical Image Analysis, pp. 223–243. Academic Press (2018)Google Scholar
  28. 28.
    Kumar, I., Bhadauria, H.S., Virmani, J.: Wavelet packet texture descriptors based four-class BIRADS breast tissue density classification. Proc. Comput. Sci. 1(70), 76–84 (2015)CrossRefGoogle Scholar
  29. 29.
    Kumar, I., Bhadauria, H.S., Virmani, J., Thakur, S.: A hybrid hierarchical framework for classification of breast density using digitized film screen mammograms. Multimedia Tools Appl. 76(18), 18789–18813 (2017)CrossRefGoogle Scholar
  30. 30.
    Kumar, I., Virmani, J., Bhadauria, H.S., Thakur, S.: A breast tissue characterization framework using PCA and weighted score fusion of neural network classifiers. Classification Tech. Med. Image Anal. Comput. Aided Diag. 12, 129 (2019)CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  • Indrajeet Kumar
    • 1
    Email author
  • Noor Mohd
    • 2
    • 3
  • Chandradeep Bhatt
    • 1
  • Shashi Kumar Sharma
    • 1
  1. 1.Graphic Era Hill UniversityDehradunIndia
  2. 2.Graphic Era Deemed to be UniversityDehradunIndia
  3. 3.Research scholar, GBPIETPauri GarhwalIndia

Personalised recommendations