DocumentCode
678516
Title
A hybrid method based on genetic algorithm, self-organised feature map, and support vector machine for better network anomaly detection
Author
Anil, S. ; Remya, R.
Author_Institution
Dept. of Comput. Sci. & Eng., Amrita Vishwa Vidyapeetham, Kollam, India
fYear
2013
fDate
4-6 July 2013
Firstpage
1
Lastpage
5
Abstract
Anomaly-based network intrusion detection techniques are a valuable technology to shield our systems and networks against the malicious activities. Anomaly detection is done by soft margin Support Vector Machine(SVM), which classify the input into any one of the label (normal and anomalous) category with respect to its anomalous behavior. SVM gives much better classification, out of wide variety of class discrimination algorithms which deals with huge collection of data. Here genetic algorithm (GA) and self-organised feature map (SOFM) are used to enhance the feature and information extraction from a huge dataset similar to KDD99. GA gives us the most prominent features contributing to the anomalous behaviour of a connection and SOFM helps to identify similar groups from the dataset by using the similarity metric. These two machine learning algorithms help to reduce the volume of dataset and features to train SVM. The proposed framework GSS (GA-SOFM-SVM) has 10% increase in detection rate and 50% reduction in false positive and false negative rate compared to soft margin SVM.
Keywords
Internet; genetic algorithms; learning (artificial intelligence); security of data; self-organising feature maps; support vector machines; GA-SOFM-SVM; GSS; KDD99; anomaly-based network intrusion detection techniques; class discrimination algorithms; data collection; detection rate; feature extraction; genetic algorithm; information extraction; label category; machine learning algorithms; network anomaly detection; self-organised feature map; similarity metric; soft margin support vector machine; Feature extraction; Genetic algorithms; Intrusion detection; Sociology; Statistics; Support vector machines; Training; Genetic algorithm; Information Gain; Intrusion detection; Network Anomaly; Network security; Self-organised Feature Map; Support vector machine;
fLanguage
English
Publisher
ieee
Conference_Titel
Computing, Communications and Networking Technologies (ICCCNT),2013 Fourth International Conference on
Conference_Location
Tiruchengode
Print_ISBN
978-1-4799-3925-1
Type
conf
DOI
10.1109/ICCCNT.2013.6726604
Filename
6726604
Link To Document