Research Article

A Framework for Simulation of Intrusion Detection System using Support Vector Machine

by D. P. Gaikwad, R. C. Thool
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 76 - Number 2
Year of Publication: 2013
DOI: 10.5120/13219-0618

D. P. Gaikwad, R. C. Thool. A Framework for Simulation of Intrusion Detection System using Support Vector Machine. International Journal of Computer Applications. 76, 2 (August 2013), 23-30. DOI=10.5120/13219-0618

@article{ 10.5120/13219-0618,
author = { D. P. Gaikwad and R. C. Thool },
title = { A Framework for Simulation of Intrusion Detection System using Support Vector Machine },
journal = { International Journal of Computer Applications },
issue_date = { August 2013 },
volume = { 76 },
number = { 2 },
month = { August },
year = { 2013 },
issn = { 0975-8887 },
pages = { 23-30 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume76/number2/13219-0618/ },
doi = { 10.5120/13219-0618 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

An intrusion compromises the security and the value of a computer system in a network. Legitimate users find it difficult to access network services because network attacks intentionally occupy or sabotage network resources and services. An intrusion detection system defends critical computer systems and networks from cyber-attacks. Various machine learning techniques are applied to intrusion detection systems. In this paper, a framework for simulation of an intrusion detection system is described. A radial basis kernel based support vector machine (SVM) is used to simulate the intrusion detection system. The major research goal regarding the SVM is to improve the speed of training and testing by determining the best kernel for the given data. Of the various packet parameters, only a few important normalized parameters are used, which improves the speed of training the SVM and yields a high detection rate. The KDDCUP'99 dataset is used to train and test the system. The experimental results show that the detection rate of the system is 88.27% with good speed. Furthermore, two applications of the framework are described to show how the system can be used to generate patterns of attack for testing the system and how the system prevents downloading of large PDF files from a server by an unauthorized user.

Index Terms

Computer Science
Information Sciences

Keywords

SVM, Kernel, Normalization, MMH, KKT, FTP server