Abstract
In this paper, a novel intrusion detection system (IDS) is developed using a cost based support vector machine (SVM). While developing an IDS, due to the imbalanced characteristics it is very difficult to differentiate the attack events from a non-attack (normal) event in any network environment. The cost based SVM facilitates to put much weight to one pattern over another ones to differentiate attack and non-attack cases with a high accuracy. The same can be applied on a multiclass attack problems by using cost factor to each ratio of different types of attacks. In this study, the cost based SVM has been applied to classify DARPA99 intrusion detection dataset. The experimental results show that the cost based SVM can outperform standard SVM while attempting to differentiate a case as either attack or non-attack (normal). Furthermore, we applied the cost based SVM with an RBF kernel to a multiclass attack problem. Experimental result achieved about 99 % detection accuracy when it was applied to detect the type of attacks as either of Normal, DOS, Probe and R2L from DARPA99 dataset.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Mukkamala, S., Sung, A.H., Abraham, A.: Intrusion detection using an ensemble of intelligent paradigms. J. Netw. Comput. Appl. 168–179 (2004)
Debar, H., Dorizzi, B.: An application of a recurrent network to an Intrusion detection system. In: Proceedings of the International Joint Conference on Neural Networks, pp. 78–83 (1992)
Ryan, J., Lin, M.-J., Miikkulainen, R.: Intrusion detection with neural networks. Advances in Neural Information Processing Systems, pp. 78–83. MIT Press (1997)
Mukkamala, S., Janoski, G., Sung, A.H.: Intrusion detection using neural networks and support vector machines. In: Proceedings of IJCNN, pp. 1702–1707 (2002)
Xiao, H., Peng, F., Wang, L., Li, H.: Ad hoc-based feature selection and support vector machine classifier for intrusion detection. In: IEEE International Conference on Grey Systems and Intelligent Services (GSIS 2007), pp. 1117–1121 (2007)
Yendrapalli, K., Mukkamala, S., Sung, A.H., Ribeiro, B.: Biased support vector machines and kernel methods for intrusion detection. In: Proceedings of the World Congress on Engineering (WCE) 2007, London, U.K (2007)
Aboromman, A.A., Reaz, M.B.I.: A novel SVM-kNN-PSO ensemble method for intrusion detection system. Appl. Soft Comput. 38, 360–372 (2016)
Kausar, N., Samir, B.B., Abdullah, A., Ahmad, I., Hussain, M.: A review of classification approaches using support vector machine in intrusion detection. Commun. Comput. Inf. Sci. 1–11 (2016)
Yuancheng, L., Zhongqiang, W., Yinglong, M.: An intrusion detection method based on KICA and SVM. In: 7th World Congress on Intelligent Control and Automation (WCICA 2008), pp. 2141–2144 (2008)
Gao, M., Tian, J., Xia, M.: Intrusion detection method based on classify support vector machine. In: Proceedings of the 2009 Second International Conference on Intelligent Computation Technology and Automation, pp. 391–394 (2009)
Rung-Ching, C., Kai-Fan, C., Ying-Hao, C., Chia-Fen, H.: Using rough set and support vector machine for network intrusion detection system. In: First Asian Conference on Intelligent Information and Database Systems (ACIIDS 2009), pp. 465–470 (2009)
Yuan, J., Li, H., Ding, S., Cao, L.: Intrusion detection model based on improved support vector machine. In: Proceedings of the 2010 Third International Symposium on Intelligent Information Technology and Security Informatics, pp. 465–469 (2010)
Guan, X., Guo, H., Chen, L.: Network intrusion detection method based on Agent and SVM. In: The 2nd IEEE International Conference on Information Management and Engineering (ICIME), pp. 399–402 (2010)
Xiaomei, Y., Peng, W.: Security audit system using adaptive genetic algorithm and support vector machine. In: 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE), pp. 265–268 (2010)
Vapnik, V.N.: The Nature of Statistical Learning Theory. Springer, NY (1995)
Haykin, S.: Neural Networks—A Comprehensive Foundation. Upper Saddle River (2004)
Morik, K., Brockhausen, P., Joachims, T.: Combining statistical learning with a knowledge-based approach-a case study in intensive care monitoring. In: Proceedings of ICML, pp. 268–277 (1999)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Hassan, M.R. (2016). Intrusion Detection System Based on Cost Based Support Vector Machine. In: Meesad, P., Boonkrong, S., Unger, H. (eds) Recent Advances in Information and Communication Technology 2016. Advances in Intelligent Systems and Computing, vol 463. Springer, Cham. https://doi.org/10.1007/978-3-319-40415-8_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-40415-8_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-40414-1
Online ISBN: 978-3-319-40415-8
eBook Packages: EngineeringEngineering (R0)