Abstract
Increasing detection rates and reducing false positive rates are important problems in an Intrusion Detection System (IDS). These problems can be viewed as optimization problems over the features and parameters of a detection model in an IDS. This paper proposes fusions of Genetic Algorithm (GA) and Support Vector Machines (SVM) for efficient optimization of both features and parameters for detection models. Our method provides an optimal anomaly detection model that is capable of minimizing the number of features and maximizing the detection rates. In experiments, we show that the proposed method is an efficient way of selecting important features as well as optimizing the parameters for the detection model, and that it provides more stable detection rates.
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, D.S., Nguyen, HN., Ohn, SY., Park, J.S. (2005). Fusions of GA and SVM for Anomaly Detection in Intrusion Detection System. In: Wang, J., Liao, XF., Yi, Z. (eds) Advances in Neural Networks – ISNN 2005. ISNN 2005. Lecture Notes in Computer Science, vol 3498. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11427469_67
DOI: https://doi.org/10.1007/11427469_67
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25914-5
Online ISBN: 978-3-540-32069-2
eBook Packages: Computer Science (R0)