http://dx.doi.org/10.5762/KAIS.2016.17.2.703

A Comparative Study on the Performance of SVM and an Artificial Neural Network in Intrusion Detection  

Jo, Seongrae (Dept. of MIS, College of Business, Gyeongsang National University)
Sung, Haengnam (College of Business, Gyeongsang National University)
Ahn, Byung-Hyuk (Dept. of MIS, College of Business, Gyeongsang National University)
Publication Information
Journal of the Korea Academia-Industrial cooperation Society / v.17, no.2, 2016, pp. 703-711
Abstract
An IDS (Intrusion Detection System) is used to detect network attacks through network data analysis. The system requires high accuracy, a high detection rate, and a low false alarm rate. In addition, the system uses a range of techniques, such as expert systems, data mining, and state transition analysis, to analyze the network data. The purpose of this study was to compare the performance of two data mining methods for detecting network attacks: the Support Vector Machine (SVM) and a neural network called the Forward Additive Neural Network (FANN). The well-known KDD Cup 99 training and test data sets were used to compare the performance of the two algorithms. The accuracy, detection rate, and false alarm rate were calculated. The FANN showed a slightly higher false alarm rate than the SVM, but showed a much higher accuracy and detection rate than the SVM. Considering that treating a real attack as a normal message is much riskier than treating a normal message as an attack, it is concluded that the FANN is more effective in intrusion detection than the SVM.
Keywords
Data Mining; Forward Additive Neural Network; IDS (Intrusion Detection System); Intrusion Detection; Neural Network; SVM (Support Vector Machine)
Citations & Related Records
Times Cited By KSCI: 4