Abstract
An intrusion detection system (IDS) is a system that gathers and analyzes information from various areas within a computer or a network to identify attacks made against these components. This research proposes an Intrusion Detection Model (IDM) for detecting intrusion attempts. The proposal is a hybrid IDM because it considers both features of network packets and host features that are sensitive to most intrusions. The dataset used to build the hybrid IDM is the proposed HybD (Hybrid Dataset) dataset, which is composed of the 10% KDD '99 dataset features (41) and the suggested host-based features (3). Two data mining (DM) classifiers, a Support Vector Machine (SVM) classifier and a Naïve Bayesian (NB) classifier, are used to build the proposed model and verify its validity in terms of accuracy rate. The proposal tries to ensure the detection speed of the hybrid IDM by reducing the HybD dataset features used to the most critical features for detection, while keeping a high accuracy rate without the degradation that such a reduction may cause. Two different measures are used for selecting and ranking the HybD dataset features: Principal Component Analysis (PCA) and Gain Ratio (GR). The feature sets resulting from these two measures, together with the set of all features, are fed to both SVM and NB. The results obtained from executing the proposed model show that the accuracy rate of the SVM classifier is generally higher than that of the NB classifier with the three sets of features. With the SVM classifier, the best accuracy rate is obtained with the set of features selected by PCA. The most critical features obtained by PCA number 17 of the 44 features: three of the suggested host features and 14 of the 10% KDD'99 features.
Suggested Citation
Soukaena Hassan Hashem, 2013.
"Efficiency of Svm and PCA to Enhance Intrusion Detection System,"
Journal of Asian Scientific Research, Asian Economic and Social Society, vol. 3(4), pages 381-395.
Handle:
RePEc:asi:joasrj:v:3:y:2013:i:4:p:381-395:id:3490