Network Intrusion Detection Using Multiclass SVM
Authors: Usha Khichi, Nisha Bhati
Certificate: View Certificate
Abstract
This paper presents a support vector machine (SVMs) based intrusion detection technique for the internet based attacks on a computer network. The intrusion detection systems (IDS) have been created to predict and thwart current and future attacks. SVMs are used to identify and predict unusual activities in the system. Training and testing data were obtained from the DARPA and KDD\'99 intrusion detection evaluation data sets. The experimental results on real-data showed promising results on detection intrusion systems using multiclass support vector machine.
Introduction
Internet, together with enterprise networks, plays a major role in global economic and business development. Yet, the variety of network attacks, and their continuously changing nature, can make difficult to achieve secure network. Flexible defense methods that can quickly investigate large quantities of network traffic and accurately detect different kinds of attacks is needed. In network security, anomaly-based IDSs are valuable methodologies to identify both known and unknown (new) attacks. Anomaly-based IDSs are trained to continuously observe normal patterns of behavior and recognize any deviations, or anomalies, from existing normal behaviors [1]. In anomalybased IDSs, the occurrence of an anomaly can provide critical information. For example, an unusualnetwork traffic pattern could mean that a server is under attack and that data is being moved to an unapproved destination. Anomalies in network traffic highlight not only previously-known attacks, but also identify brand-new attack patterns. However, in many scenarios, anomalies might be normal behaviors that have simply not yet been identified. Thus anomaly-based NIDSs need to be continuously updated with new behaviors and new network protocols. Many IDS methods still suffer from high false alarm rates and low detection accuracy against unknown attacks. In the past few years, a class of machine learning algorithm, called deep learning, is increasingly being used in classification and pattern recognition. Deep learning applies several information processing layers into a hierarchical architecture to generate a deep model. Deep learning is different from conventional machine learning because of its ability to detect optimal features in raw data through consecutive nonlinear transformations, with each transformation reaching a higher level of abstraction and complexity [2]. Deep learning approaches had been effectively applied to diverse research fields such as medical image processing, natural language processing, speech recognition, and signal recognition.
Conclusion
The various combination of training dataset has used for performance analysis. The multi-class support vector machine (SVM)algorithm has successfully used for development of intrusion detection system (IDS). The significant attributes is less than half of the total attributes which gives the performance above the 97.83%.
Copyright
Copyright © 2025 Usha Khichi, Nisha Bhati. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.