A Real-time Intrusion Detection System Based on PSO-SVM

The success of any Intrusion Detection System (IDS) is a complicated problem due to its nonlinearity and the quantitative or qualitative network traffic data stream with irrelevant and redundant features. How to choose the effective and key features to IDS is very important topic in information security. Support vector machine (SVM) has been employed to provide potential solutions for the IDS problem. However, the practicability of SVM is affected due to the difficulty of selecting appropriate SVM parameters. Particle swarm optimization (PSO) is an optimization method, which is not only has strong global search capability, but also is very easy to implement. Thus, the proposed PSO–SVM model is applied to an intrusion detection problem, the KDD Cup 99 data set. The standard PSO is used to determine free parameters of support vector machine and the binary PSO is to obtain the optimum feature subset at building intrusion detection system. The experimental results indicate that the PSO–SVM method can achieve higher detection rate than regular SVM algorithms in the same time.