Abstract
Detecting intrusion in network traffic has remained a problem for years. Development in the field of machine learning provides an opportunity for researchers to detect network intrusion without using a database signature. Accuracy and completeness are two critical aspects in determining the performance of an intrusion detection system. The amount of unbalanced training data on each type of attack causes the system to have high accuracy, but it is difficult to detect all kinds of attacks. So, it does not meet the completeness aspect. In this paper, we propose an intrusion detection model using a combination of the modified rank-based information gain feature selection method, log normalization, and Support Vector Machine with parameter optimization. Overall accuracy achieved using 17 features from NSLKDD dataset is 99.8%, while the false alarm rate is 0.2%. The completeness aspect can be achieved, and the detection accuracy of the minority class can be increased.
Original language | English |
---|---|
Pages (from-to) | 378-389 |
Number of pages | 12 |
Journal | International Journal of Intelligent Engineering and Systems |
Volume | 12 |
Issue number | 4 |
DOIs | |
Publication status | Published - 2019 |
Keywords
- Feature selection
- Intrusion detection
- Network security
- Normalization
- Support vector machine