
A novel SVM by combining kernel principal component analysis and improved chaotic particle swarm optimization for intrusion detection. (English) Zbl 1382.68196

Summary: A novel support vector machine (SVM) model combining kernel principal component analysis (KPCA) with improved chaotic particle swarm optimization (ICPSO) is proposed to deal with intrusion detection. In the proposed method, a multi-layer SVM classifier is employed to estimate whether the action is an attack, and KPCA is applied as a preprocessor of the SVM to reduce the dimension of the feature vectors and shorten training time. To shorten the training time and improve the performance of the SVM, N-RBF is employed to reduce the noise generated by feature differences, and ICPSO, which introduces chaos optimization and a premature processing mechanism, is presented to optimize the punishment factor \(C\), kernel parameters \(\sigma\) and the tube size \(\varepsilon\) of the SVM. Experimental results illustrate that the improved SVM model has faster computational time and higher predictive accuracy, and it can also shorten the training time and improve the performance of SVM.

MSC:

68T05 Learning and adaptive systems in artificial intelligence
62H25 Factor analysis and principal components; correspondence analysis
62H30 Classification and discrimination; cluster analysis (statistical aspects)
68M11 Internet topics
68T20 Problem solving in the context of artificial intelligence (heuristics, search strategies, etc.)

Software:

LIBSVM
