Abstract
This paper proposed a multi-level model for intrusion detection that combines the two techniques of modified K-means and support vector machine (SVM). Modified K-means is used to reduce the number of instances in a training data set and to construct new training data sets with high-quality instances. The new, high-quality training data sets are then utilized to train SVM classifiers. Consequently, the multi-level SVMs are employed to classify the testing data sets with high performance. The well-known KDD Cup 1999 data set is used to evaluate the proposed system; 10% KDD is applied for training, and corrected KDD is utilized intesting. The experiments demonstrate that the proposed model effectively detects attacks in the DoS, R2L, and U2R categories. It also exhibits a maximum overall accuracy of 95.71%.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Ghanem, T.F., Elkilani, W.S., Abdul-kader, H.M.: A hybrid approach for efficient anomaly detection using metaheuristic methods. J. Adv. Res. Article in Press (2014)
Om, H., Kundu, A.: A hybrid system for reducing the false alarm rate of anomaly intrusion detection system. In: 1st International Conference on Recent Advances in Information Technology (RAIT), pp. 131–136. IEEE (2012)
Horng, S.-J., Su, M.-Y., Chen, Y.-H., et al.: A novel intrusion detection system based on hierarchical clustering and support vector machines. Expert Syst. Appl. 38, 306–313 (2011)
Hasan, M., Nasser, M., Pal, B., Ahmad, S.: Intrusion Detection Using Combination of Various Kernels Based Support Vector Machine. International Journal of Scientific & Engineering Research 4, 1454–1463 (2013)
Yao, J., Zhao, S., Fan, L.: An enhanced support vector machine model for intrusion detection. In: Wang, G.-Y., Peters, J.F., Skowron, A., Yao, Y. (eds.) RSKT 2006. LNCS (LNAI), vol. 4062, pp. 538–543. Springer, Heidelberg (2006)
Celebi, M.E., Kingravi, H.A., Vela, P.A.: A comparative study of efficient initialization methods for the k-means clustering algorithm. Expert Syst. Appl. 40, 200–210 (2013)
Gao, M., Wang, N.: A Network Intrusion Detection Method Based on Improved K-means Algorithm. Adv. Sci. Technol. Lett. 53, 429–433 (2014)
Sujatha, M.S., Sona, M.A.S.: New fast k-means clustering algorithm using modified centroid selection method. International Journal of Engineering Research and Technology 2, 1–9 (2013)
Kathiresan, V., Sumathi, P.: An efficient clustering algorithm based on Z-Score ranking method. In: International Conference on Computer Communication and Informatics (ICCCI), pp. 1–4. IEEE (2012)
Nazeer, K.A., Sebastian, M.: Improving the Accuracy and Efficiency of the k-means Clustering Algorithm. In: Proceedings of the World Congress on Engineering, vol. 1, pp. 1–3 (2009)
Pfahringer, B.: Winning the KDD99 classification cup: bagged boosting. ACM SIGKDD Explorations Newsletter 1, 65–66 (2000)
Xiang, C., Chong, M., Zhu, H.: Design of mnitiple-level tree classifiers for intrusion detection system. In: 2004 IEEE Conference on Cybernetics and Intelligent Systems, vol. 2, pp. 873–878. IEEE (2004)
Xiang, C., Yong, P.C., Meng, L.S.: Design of multiple-level hybrid classifier for intrusion detection system using Bayesian clustering and decision trees. Pattern Recognit. Lett. 29, 918–924 (2008)
Natesan, P., Balasubramanie, P., Gowrison, G.: Improving the Attack Detection Rate in Network Intrusion Detection using Adaboost Algorithm. Journal of Computer Science 8, 1041–1048 (2012)
Ambwani, T.: Multi class support vector machine implementation to intrusion detection. In: Proceedings of the International Joint Conference on Neural Networks, vol. 3, pp. 2300–2305. IEEE (2003)
He, L.: An Improved Intrusion Detection based on Neural Network and Fuzzy Algorithm. Journal of Networks 9, 1274–1280 (2014)
Lu, H., Xu, J.: Three-level Hybrid Intrusion detection system. In: International Conference on Information Engineering and Computer Science, ICIECS 2009, pp. 1–4. IEEE (2009)
Gogoi, P., Bhattacharyya, D., Borah, B., Kalita, J.K.: MLH-IDS: A Multi-Level Hybrid Intrusion Detection Method. The Computer Journal 57, 602–623 (2014)
Sabhnani, M., Serpen, G.: Application of Machine Learning Algorithms to KDD Intrusion Detection Dataset within Misuse Detection Context. In: MLMTA, pp. 209–215 (2003)
Jianliang, M., Haikun, S., Ling, B.: The application on intrusion detection based on k-means cluster algorithm. In: International Forum on Information Technology and Applications, IFITA 2009, vol. 1, pp. 150–152. IEEE (2009)
Bhatia, M., Khurana, D.: Experimental study of Data clustering using k-Means and modified algorithms. International Journal of Data Mining & Knowledge Management Process (IJDKP) 3, 17–30 (2013)
KDD Cup 1999 Data set. http://archive.ics.uci.edu/ml/machine-learning-databases/kddcup99-mld/
Tsang, C.-H., Kwong, S., Wang, H.: Genetic-fuzzy rule mining approach and evaluation of feature selection techniques for anomaly intrusion detection. Pattern Recognit. 40, 2373–2391 (2007)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer Science+Business Media Singapore
About this paper
Cite this paper
Al-Yaseen, W.L., Othman, Z.A., Nazri, M.Z.A. (2015). Intrusion Detection System Based on Modified K-means and Multi-level Support Vector Machines. In: Berry, M., Mohamed, A., Yap, B. (eds) Soft Computing in Data Science. SCDS 2015. Communications in Computer and Information Science, vol 545. Springer, Singapore. https://doi.org/10.1007/978-981-287-936-3_25
Download citation
DOI: https://doi.org/10.1007/978-981-287-936-3_25
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-287-935-6
Online ISBN: 978-981-287-936-3
eBook Packages: Computer ScienceComputer Science (R0)