Testing and Improving the Performance of SVM Classifier in Intrusion Detection Scenario

Intrusion Detection attempts to detect computer attacks by examining various data records observed in processes on the network. Anomaly discovery has attracted the attention of many researchers to overcome the disadvantage of signature-based IDSs in discovering complex attacks. Although there are some existing mechanisms for Intrusion detection, there is need to improve the performance. Machine Learning techniques are a new approach for Intrusion detection and KDDCUP’99 is the mostly widely used data set for the evaluation of these systems. The goal of this research is using the SVM machine learning model with different kernels and different kernel parameters for classification unwanted behavior on the network with scalable performance. Also elimination of the insignificant and/or useless inputs leads to a simplification of the problem, faster and more accurate detection may result. This work also evaluates the performance of other learning techniques (Filtered J48 clustering, Naïve Bayes) over benchmark intrusion detection dataset for being complementary of SVM. The model generation is computation intensive; hence to reduce the time required for model generation various different algorithms. Various algorithms for cluster to class mapping and instance testing have been proposed to overcome problem of time consuming for real time detection. I show that our proposed variations matured in this paper, contribute significantly in improving the training and classifying process of SVM with high generalization accuracy and outperform the enhanced technique.