The Study And Simulation Of Intrusion Detection System With Support Vector Machines

In recent years, with the rapid development of computer technology and Internet, the amount of network information grow tremendously. However, what the rapid development of information technology brings to people is not only convenience, but also the problem of network security. Network Intrusions emerge in an enormous number. To deal with the thorny security problem, researchers proposed many techniques. Among them, intrusion detection which can actively detect and block intrusions is becoming a hot topic in network security.Nevertheless, conventional intrusion detection techniques are almost expert knowledge systems with rule matching. They need to update matching patterns manually, making them costly and inefficient. To overcome this weakness, numerous intrusion detection techniques based on machine learning are presented. Machine learning can automatically build intrusion patterns by training with massive audit data, improving the efficiency of intrusion detection systems immensely.Among various machine learning techniques, Support Vector Machines(SVMs) show their superiority in small samples and high dimension problems. The main contribution of this paper is as follows:Firstly, with the analysis of theoretical basis of SVMs and SVMs method, this paper proposes an intrusion detection system with Twin SVMs(TWSVMs) and analyze each module in the proposed intrusion detection system. To settle the problem of parameter determination, this paper proposes a parameter determination algorithm for TWSVMs. In addition, an intrusion detection system with One-Class SVMs is also proposed to deal with unlabeled dataset. To evaluate the performance of the proposed intrusion detection systems, KDD’99dataset is introduced as experiment data. The comparison with other recent researches shows that the performance of the proposed intrusion detection system with TWSVMs improves significantly on all the4attacks, especially on the tiny attacks. The overall detection rate is also the highest. In addition, the intrusion detection system with One-Class SVMs can also detect intrusions efficiently by using unlabeled training dataset.