Abstract
In this paper, a hybrid method of support vector machine and genetic algorithm (GA) is proposed and its implementation in intrusion detection problem is explained. The proposed hybrid algorithm is employed in reducing the number of features from 45 to 10. The features are categorized into three priorities using GA algorithm as the highest important is the first priority and the lowest important is placed in the third priority. The feature distribution is done in a way that 4 features are placed in the first priority, 4 features in the second, and 2 features in the third priority. The results reveal that the proposed hybrid algorithm is capable of achieving a true-positive value of 0.973, while the false-positive value is 0.017.
Similar content being viewed by others
References
Massa D, Valverde R (2014) A fraud detection system based on anomaly intrusion detection systems for e-commerce applications. Comput Inf Sci 7(2):117
Luo B, Xia J (2014) A novel intrusion detection system based on feature generation with visualization strategy. Expert Syst Appl 41(9):4139
Agah A, Das SK, Basu K, Asadi M (2004) In: Proceedings of network computing and applications, 2004 (NCA 2004). Symposium on third IEEE international. IEEE, pp 343–346
Anantvalee T, Wu J (2007) Wireless network security. Springer, US, pp 159–180
Hwang K, Cai M, Chen Y, Qin M (2007) Hybrid intrusion detection with weighted signature generation over anomalous internet episodes. IEEE Trans Dependable Secure Comput 4(1):41–55
Tsang CH, Kwong S, Wang H (2007) Genetic-fuzzy rule mining approach and evaluation of feature selection techniques for anomaly intrusion detection. Pattern Recognit 40(9):2373–2391
Tsai CF, Lin CY (2010) A triangle area based nearest neighbors approach to intrusion detection. Pattern Recognit 43(1):222–229
Jing W, Yan-heng L, Fan-xue M, Rong L (2010) In: The 7th international conference on informatics and systems (INFOS), 2010. IEEE, pp 1–6
Wang G, Hao J, Ma J, Huang L (2010) A new approach to intrusion detection using Artificial Neural Networks and fuzzy clustering. Expert Syst Appl 37(9):6225–6232
Kumar G, Reddy DK (2014) In: International conference on electronic systems, signal processing and computing technologies (ICESC), 2014. IEEE, pp 429–433
Li W (2004) In: Proceedings of the United States Department of Energy Cyber Security Group, pp 1–8
Rahmani R, Mahmodian M, Mekhilef S, Shojaei A (2012) In: IEEE student conference on research and development (SCOReD), 2012. pp 109–113. doi:10.1109/SCOReD.2012.6518621
Rahmani R, Seyedmahmoudian M, Mekhilef S, Yusof R (2013) Implementation of fuzzy logic maximum power point tracking controller for photovoltaic system. Am J Appl Sci 10:209–218
Rahmani R, Langeroudi N, Yousefi R, Mahdian M, Seyedmahmoudian M (2014) Neural Computing and Applications pp. 1–10. doi:10.1007/s00521-014-1561-9
Rahmani R, Othman M, Shojaei A, Yusof R (2014) Static VAR compensator using recurrent neural network. Electr Eng 96(2):109–119
Fa HK, Yusof R, Rahmani R, Ahmadi M (2013) Optimization of DNA sensor model based nanostructured graphene using particle swarm optimization technique. J Nanomater 2013(2013):1–9
Rahmani R, Yusof R (2014) A new simple, fast and efficient algorithm for global optimization over continuous search-space problems: radial movement optimization. Appl Math Comput 248:287–300
Rahmani R, Karimi H, Ranjbari L, Emadi M, Seyedmahmoudian M, Shafiabady A, Ismail R (2014) Structure and thickness optimization of active layer in nanoscale organic solar cells. Plasmonics 10(3):495–502
Abdullah K, Lee C, Conti G, Copeland JA, Stasko J (2005) IDS rainstorm: Visualizing IDS alarms. In: IEEE workshops on visualization for computer security, 2005. IEEE, p 1
Kruegel C, Toth T (2003) Using decision trees to improve signature-based intrusion detection. In: Recent advances in intrusion detection. Springer, Berlin, pp 173–191
Garcia-Teodoro P, Diaz-Verdejo J, Maciá-Fernndez G, Vázquez E (2009) Anomaly-based network intrusion detection: techniques, systems and challenges. Comput secur 28(1):18–28
Wool A (2004) A quantitative study of firewall configuration errors. Computer 37(6):62–67
Aneetha A, Indhu T, Bose S In: Proceedings of the second international conference on computational science, engineering and information technology. ACM, pp 47–51
Kohavi R, John GH (1997) Wrappers for feature subset selection. Artif Intell 97(1):273–324
Chebrolu S, Abraham A, Thomas JP (2005) Feature deduction and ensemble design of intrusion detection systems. Comput Secur 24(4):295–307
Li Y, Wang JL, Tian ZH, Lu TB, Young C (2009) Building lightweight intrusion detection system using wrapper-based feature selection mechanisms. Comput Secur 28(6):466–475
Li Y, Xia J, Zhang S, Yan J, Ai X, Dai K (2012) An efficient intrusion detection system based on support vector machines and gradually feature removal method. Expert Syst Appl 39(1):424–430
Lippmann RP, Fried DJ, Graf I, Haines JW, Kendall KR, McClung D, Weber D, Webster SE, Wyschogrod D, Cunningham RK (2000) In: Proceedings of DARPA information survivability conference and exposition, 2000. DISCEX’00, vol. 2. IEEE, vol. 2, pp 12–26
Cunningham RK, Lippmann RP, Fried DJ, Garfinkel SL, Graf I, Kendall KR, Webster SE, Wyschogrod D, Zissman MA (1999) Evaluating intrusion detection systems without attacking your friends: the 1998 darpa intrusion detection evaluation. Tech. rep., DTIC Document
Goh VT, Zimmermann J, Looi M (2009) In: International conference on availability, reliability and security, 2009. ARES’09. IEEE, pp 540–545
Goh VT, Zimmermann J, Looi M (2010) Experimenting with an intrusion detection system for encrypted networks. Int J Cryptol Res 5:172
Hashemi VM, Muda Z, Yassin W (2013) Improving intrusion detection using genetic algorithm. Inf Technol J 12(5):2167–2173
Cortes C, Vapnik V (1995) Support-vector networks. Mach Learn 20(3):273–297
Gupta P, Shinde SK (2011) Genetic algorithm technique used to detect intrusion detection. Springer, Berlin, pp 122–131
Alcalá R, Alcalá-Fdez J, Casillas J, Cordón O, Herrera F (2006) Hybrid learning models to get the interpretability–accuracy trade-off in fuzzy modeling. Soft Comput 10(9):717–734
Abraham A, Corchado E, Corchado JM (2009) Hybrid learning machines. Neurocomputing 72(13):2729–2730
Yu E, Cho S (2003) In: Neural networks, 2003. Proceedings of the International Joint Conference on IEEE, vol. 3, pp 2253–2257
Li L, Jiang W, Li X, Moser KL, Guo Z, Du L, Wang Q, Topol EJ, Wang Q, Rao S (2005) A robust hybrid between genetic algorithm and support vector machine for extracting an optimal feature gene subset. Genomics 85(1):16–23
Bolon-Canedo V, Sanchez-Marono N, Alonso-Betanzos A (2011) Feature selection and classification in multiple class datasets: an application to KDD Cup 99 dataset. Expert Syst Appl 38(5):5947–5957
Engen V, Vincent J, Phalp K (2011) Exploring discrepancies in findings obtained with the KDD Cup’99 data set. Intell Data Anal 15(2):251–276
Raghuveer K et al (2012) Performance evaluation of data clustering techniques using KDD Cup-99 Intrusion detection data set. Int J Inf Netw Secur (IJINS) 1(4):294–305
Cheng J, Hatzis C, Hayashi H, Krogel MA, Morishita S, Page D, Sese J (2002) KDD Cup 2001 report. ACM SIGKDD Explor Newsl 3(2):47–64
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Aslahi-Shahri, B.M., Rahmani, R., Chizari, M. et al. A hybrid method consisting of GA and SVM for intrusion detection system. Neural Comput & Applic 27, 1669–1676 (2016). https://doi.org/10.1007/s00521-015-1964-2
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00521-015-1964-2