Fusions of GA and SVM for Anomaly Detection in Intrusion Detection System

Kim, Dong Seong; Nguyen, Ha-Nam; Ohn, Syng-Yup; Park, Jong Sou

doi:10.1007/11427469_67

Dong Seong Kim¹⁹,
Ha-Nam Nguyen¹⁹,
Syng-Yup Ohn¹⁹ &
…
Jong Sou Park¹⁹

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3498))

Included in the following conference series:

International Symposium on Neural Networks

1298 Accesses
25 Citations

Abstract

It is important problems to increase the detection rates and reduce false positive rates in Intrusion Detection System (IDS). These problems can be viewed as optimization problems for features and parameters for a detection model in IDS. This paper proposes fusions of Genetic Algorithm (GA) and Support Vector Machines (SVM) for efficient optimization of both features and parameters for detection models. Our method provides optimal anomaly detection model which is capable to minimize amounts of features and maximize the detection rates. In experiments, we show that the proposed method is efficient way of selecting important features as well as optimizing the parameters for detection model and provides more stable detection rates.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Chen, X.: Gene Selection for Cancer Classification Using Bootstrapped Genetic Algorithms and Support Vector Machines. In: The Computational Systems Bioinformatics Conference, pp. 504–505 (2003)
Google Scholar
Duda, R.O., et al.: Pattern Classification, 2nd edn. Wiley Interscience Inc., Hoboken (2001)
MATH Google Scholar
Frohlich, H., et al.: Feature Selection for Support Vector Machines by Means of Genetic Algorithm. Tools with Artificial Intelligence, 142–148 (2003)
Google Scholar
Fugate, M., et al.: Anomaly Detection Enhanced Classification in Computer Intrusion Detection. In: Lee, S.-W., Verri, A. (eds.) SVM 2002. LNCS, vol. 2388, pp. 186–197. Springer, Heidelberg (2002)
Chapter Google Scholar
Hu, W., et al.: Robust Support Vector Machines for Anomaly Detection in Computer Security. In: Proc. of Int. Conf. on Machine Learning and Applications 2003, pp. 168–174. CSREA Press (2003)
Google Scholar
KDD-CUP-99 Task Description: http://kdd.ics.uci.edu/databases/kddcup99/task.html
KDD Cup 1999 Data.: http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
Kim, D.S., Park, J.S.: Network-based Intrusion Detection with Support Vector Machines. In: Kahng, H.-K. (ed.) ICOIN 2003. LNCS, vol. 2662, pp. 747–756. Springer, Heidelberg (2003)
Chapter Google Scholar
Kruegel, C., et al.: Stateful Intrusion Detection for High-Speed Networks. In: Proc. of the IEEE Symposium on Research on Security and Privacy, pp. 285–293 (2002)
Google Scholar
Mitchell, M.: Introduction to Genetic Algorithms. MIT Press, Cambridge (1999)
Google Scholar
Mukkamala, S., et al.: Intrusion Detection Using Neural Networks and Support Vector Machines. In: Proc. of IEEE Int. Joint Conf. on Neural Networks, pp. 1702–1707 (2002)
Google Scholar
Mukkamala, S., Sung, A.H.: Feature Selection for Intrusion Detection Using Neural Networks and Support Vector Machines. In: Proc. of the 82nd Annual Meeting of the Transportation Research Board, National Academics, Washington (2003)
Google Scholar
Ohn, S.-Y., et al.: Determining Optimal Decision Model for Support Vector Machine by Genetic Algorithm. In: Zhang, J., He, J.-H., Fu, Y. (eds.) CIS 2004. LNCS, vol. 3314, pp. 895–902. Springer, Heidelberg (2004)
Chapter Google Scholar
Park, J.S., et al.: Using Support Vector Machine to Detect the Host-based Intrusion IRC. In: Int. Conf. on Internet Information Retrieval, pp. 172–178 (2002)
Google Scholar
Pfahringer, B.: Winning the KDD99 Classification Cup (1999), http://www.ai.univie.ac.at/~bernhard/kddcup99.html
Vapnik, V.: The Nature of Statistical Learning Theory. Springer, Heidelberg (1995)
MATH Google Scholar

Download references

Author information

Authors and Affiliations

Computer Engineering Department, Hankuk Aviation University,
Dong Seong Kim, Ha-Nam Nguyen, Syng-Yup Ohn & Jong Sou Park

Authors

Dong Seong Kim
View author publications
You can also search for this author in PubMed Google Scholar
Ha-Nam Nguyen
View author publications
You can also search for this author in PubMed Google Scholar
Syng-Yup Ohn
View author publications
You can also search for this author in PubMed Google Scholar
Jong Sou Park
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Mechanical and Automation Engineering, The Chinese University of Hong Kong, Shatin, New Territories, Hong Kong, China
Jun Wang
The Key Laboratory of Optoelectric Technology & Systems, Ministry of Education, China
Xiao-Feng Liao
Computational Intelligence Laboratory, School of Computer Science and Engineering, University of Electronic Science and Technology of China, 610054, Chengdu, P.R. China
Zhang Yi

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Kim, D.S., Nguyen, HN., Ohn, SY., Park, J.S. (2005). Fusions of GA and SVM for Anomaly Detection in Intrusion Detection System. In: Wang, J., Liao, XF., Yi, Z. (eds) Advances in Neural Networks – ISNN 2005. ISNN 2005. Lecture Notes in Computer Science, vol 3498. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11427469_67

Download citation

DOI: https://doi.org/10.1007/11427469_67
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25914-5
Online ISBN: 978-3-540-32069-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics