Basic article information

  • Title: Support Vector Machine and Random Forest Modeling for Intrusion Detection System (IDS)
  • Authors: Md. Al Mehedi Hasan ; Mohammed Nasser ; Biprodip Pal
  • Journal: Journal of Intelligent Learning Systems and Applications
  • Print ISSN: 2150-8402
  • Electronic ISSN: 2150-8410
  • Publication year: 2014
  • Volume: 6
  • Issue: 1
  • Pages: 45-52
  • DOI: 10.4236/jilsa.2014.61005
  • Publisher: Scientific Research Publishing
  • Abstract: The success of any Intrusion Detection System (IDS) is a complicated problem due to its nonlinearity and the quantitative or qualitative network traffic data stream with many features. To get rid of this problem, several types of intrusion detection methods have been proposed and shown different levels of accuracy. This is why the choice of an effective and robust method for IDS is a very important topic in information security. In this work, we have built two models for the classification purpose. One is based on Support Vector Machines (SVM) and the other is Random Forests (RF). Experimental results show that either classifier is effective. SVM is slightly more accurate, but more expensive in terms of time. RF produces similar accuracy in a much faster manner if given modeling parameters. These classifiers can contribute to an IDS system as one source of analysis and increase its accuracy. In this paper, the KDD’99 dataset is used to find out which one is the best intrusion detector for this dataset. Statistical analysis on the KDD’99 dataset found important issues which highly affect the performance of evaluated systems and result in a very poor evaluation of anomaly detection approaches. The most important deficiency in the KDD’99 dataset is the huge number of redundant records. To solve these issues, we have developed a new dataset, KDD99Train+ and KDD99Test+, which does not include any redundant records in the train set as well as in the test set, so the classifiers will not be biased towards more frequent records. The numbers of records in the train and test sets are now reasonable, which makes it affordable to run the experiments on the complete set without the need to randomly select a small portion. The findings of this paper will be very useful to use SVM and RF in a more meaningful way in order to maximize the performance rate and minimize the false negative rate.
  • Keywords: Intrusion Detection; KDD’99; SVM; Kernel; Random Forest