6533b7cffe1ef96bd1259069

RESEARCH PRODUCT

A novel method for network intrusion detection based on nonlinear SNE and SVM

John Aldo LeeLudovic JournauxM. SugumaranYasir Hamid

subject

business.industryComputer science[INFO.INFO-TS] Computer Science [cs]/Signal and Image ProcessingDimensionality reductionFeature vectorPattern recognitionGeneral MedicineIntrusion detection systemSupport vector machineBenchmark (computing)EmbeddingRadial basis functionArtificial intelligencebusinessCurse of dimensionality

description

In the case of network intrusion detection data, pre-processing techniques have been extensively used to enhance the accuracy of the model. An ideal intrusion detection system (IDS) is one that has appreciable detection capability overall the group of attacks. An open research problem of this area is the lower detection rate for less frequent attacks, which result from the curse of dimensionality and imbalanced class distribution of the benchmark datasets. This work attempts to minimise the effects of imbalanced class distribution by applying random under-sampling of the majority classes and SMOTE-based oversampling of minority classes. In order to alleviate the issue arising from the curse of dimensionality, this model makes use of stochastic neighbour embedding a nonlinear dimension reduction technique to embed the higher dimensional feature vectors in low dimensional embedding spaces. A nonlinear support vector machine with a radial basis function on a series of gamma values was used to build the model. The results demonstrate that the proposed model with the dimension reduction has higher detection coverage for all the attack groups of the dataset as well as the normal data. Results are evaluated on two benchmark datasets KDD99 and UNSW-NB15.

yearjournalcountryeditionlanguage
2017-01-01
https://hal.science/hal-03618218