Vol: 59(73) No: 2 / December 2014 

Comparative Study on Intrusion Detection Systems using Support Vector Machines Improved with Swarm Intelligence
Adriana-Cristina Enache
Politehnica University of Bucharest, Faculty of Automatic Control and Computer Science, Bucharest, Romania, Splaiul Independenței 313, e-mail: adryanaenache@gmail.com
Victor Valeriu Patriciu
Military Technical Academy, Faculty of Computer Science, Bucharest, Romania, George Coșbuc, 39-49, e-mail: vip@mta.ro


Keywords: Intrusion Detection, SVM, Swarm Intelligence

Abstract
The dynamic and complex nature of cyber threats demands new security approaches that can offer defense and adapt to these continuous changes. Intrusion Detection Systems (IDS) are a plausible security solution, as they are capable of handling huge amounts of data and, when based on anomaly detection, of recognizing unknown attacks. Support Vector Machines (SVM) can enable intrusion detection and have several properties that recommend them for efficient implementations, such as good generalization, no local minima, and fast execution time on high-dimensional data. However, a shortcoming of SVM is that its performance is influenced by user input parameters. In this paper we present a comparative study of proposed IDS models that combine SVM with Swarm Intelligence (SI) algorithms. We test our three proposed IDS models on the NSL-KDD dataset and demonstrate empirically that SI can improve the SVM classifier for intrusion detection.
