Feature Selection for Intrusion Detection using Neural Networks and Support Vector Machines

نویسندگان

  • Srinivas Mukkamala
  • Andrew H. Sung
چکیده

Computational Intelligence (CI) methods are increasingly being used for problem solving. This paper concerns using CI-type learning machines for intrusion detection, which is a problem of general interest to transportation infrastructure protection since a necessary task thereof is to protect the computers responsible for the infrastructure’s operational control, and an effective Intrusion Detection System (IDS) is essential for ensuring network security. Two classes of learning machines for IDSs are studied: Artificial Neural Networks (ANNs) and Support Vector Machines (SVMs). We show that SVMs are superior to ANNs in three critical respects of IDSs: SVMs train and run an order of magnitude faster; SVMs scale much better; and SVMs give higher classification accuracy. We also address the related issue of ranking the importance of input features, which is itself a problem of great interest. Since elimination of the insignificant and/or useless inputs leads to a simplified problem and possibly faster and more accurate detection, feature selection is very important in intrusion detection. Two methods for feature ranking are presented: the first one is independent of the modeling tool, while the second method is specific to SVMs. The two methods are applied to identify the important features in the 1999 DARPA intrusion data set. It is shown that the two methods produce results that are largely consistent. We present experimental results that indicate that SVM-based IDSs using a reduced number of features can deliver enhanced or comparable performance. Finally, an SVM-based IDS for class-specific detection is proposed.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Anomaly Detection Using SVM as Classifier and Decision Tree for Optimizing Feature Vectors

Abstract- With the advancement and development of computer network technologies, the way for intruders has become smoother; therefore, to detect threats and attacks, the importance of intrusion detection systems (IDS) as one of the key elements of security is increasing. One of the challenges of intrusion detection systems is managing of the large amount of network traffic features. Removing un...

متن کامل

Intrusion Detection in IOT based Networks Using Double Discriminant Analysis

Intrusion detection is one of the main challenges in wireless systems especially in Internet of things (IOT) based networks. There are various attack types such as probe, denial of service, remote to local and user to root. In addition to known attacks and malicious behaviors, there are various unknown attacks that some of them have similar behavior with respect to each other or mimic the norma...

متن کامل

Identifying Key Variables for Intrusion Detection Using Soft Computing Paradigms

This paper concerns using learning machines for intrusion detection. Two classes of learning machines are studied: Artificial Neural Networks (ANNs) and Support Vector Machines (SVMs). We show that SVMs are superior to ANNs for intrusion detection in three critical respects: SVMs train, and run, an order of magnitude faster; SVMs scale much better; and SVMs give higher classification accuracy. ...

متن کامل

Intrusion Detection: Support Vector Machines and Neural Networks

This paper concerns intrusion detection and audit trail reduction. We describe approaches to intrusion detection and audit data reduction using support vector machines and neural networks. Using a set of benchmark data from the KDD (Knowledge Discovery and Data Mining) competition designed by DARPA, we demonstrate that efficient and highly accurate classifiers can be built using either support ...

متن کامل

A Novel Hybrid Feature Selection and Intrusion Detection Based On PCNN and Support Vector Machine

In this paper proposed a hybrid model for feature selection and intrusion detection. Feature selection is important issue in intrusion detection. The selection of feature in attack attribute and normal traffic attribute is challenging task. The selection of known and unknown attack is also faced a problem of classification. PCNN is dynamic network used for the process of feature selection in cl...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2002