Md. Al Mehedi Hasan1
, Shuxiang Xu2
, Mir Md. Jahangir Kabir2
and Shamim
Ahmad1
1Department of Computer Science and Engineering, University of Rajshahi, Bangladesh.
2
School of Engineering and ICT, University of Tasmania, Australia.
The success of any Intrusion Detection System (IDS) is a complicated problem due to its nonlinearity and
the quantitative or qualitative network traffic data stream with numerous features. As a result, in order to
get rid of this problem, several types of intrusion detection methods with different levels of accuracy have
been proposed which leads the choice of an effective and robust method for IDS as a very important topic
in information security. In this regard, the support vector machine (SVM) has been playing an important
role to provide potential solutions for the IDS problem. However, the practicability of introducing SVM is
affected by the difficulties in selecting appropriate kernel and its parameters. From this viewpoint, this
paper presents the work to apply different kernels for SVM in ID Son the KDD’99 Dataset and NSL-KDD
dataset as well as to find out which kernel is the best for SVM. The important deficiency in the KDD’99
data set is the huge number of redundant records as observed earlier. Therefore, we have derived a data
set RRE-KDD by eliminating redundant record from KDD’99train and test dataset prior to apply different
kernel for SVM. This RRE-KDD consists of both KDD99Train+ and KDD99 Test+ dataset for training
and testing purposes, respectively. The way to derive RRE-KDD data set is different from that of NSL-KDD
data set. The experimental results indicate that Laplace kernel can achieve higher detection rate and lower
false positive rate with higher precision than other kernel son both RRE-KDD and NSL-KDD datasets. It is
also found that the performances of other kernels are dependent on datasets.
KEYWORDS
Intrusion Detection, KDD’99, NSL-KDD, Support Vector Machine, Kernel, Kernel Selection
More details...
No comments:
Post a Comment