Intrusion detection system based on modified k-means and multi-level support vector machines

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

9 Citations (Scopus)

Abstract

This paper proposed a multi-level model for intrusion detection that combines the two techniques of modified K-means and support vector machine (SVM). Modified K-means is used to reduce the number of instances in a training data set and to construct new training data sets with high-quality instances. The new, high-quality training data sets are then utilized to train SVM classifiers. Consequently, the multi-level SVMs are employed to classify the testing data sets with high performance. The well-known KDD Cup 1999 data set is used to evaluate the proposed system; 10% KDD is applied for training, and corrected KDD is utilized in testing. The experiments demonstrate that the proposed model effectively detects attacks in the DoS, R2L, and U2R categories. It also exhibits a maximum overall accuracy of 95.71%.

Original language: English
Title of host publication: Communications in Computer and Information Science
Publisher: Springer Verlag
Pages: 265-274
Number of pages: 10
Volume: 545
ISBN (Print): 9789812879356
DOIs: https://doi.org/10.1007/978-981-287-936-3_25
Publication status: Published - 2015
Event: 1st International Conference on Soft Computing in Data Science, SCDS 2015 - Putrajaya, Malaysia
Duration: 2 Sep 2015 to 3 Sep 2015

Publication series

Name: Communications in Computer and Information Science
Volume: 545
ISSN (Print): 1865-0929

Other

Other: 1st International Conference on Soft Computing in Data Science, SCDS 2015
Country: Malaysia
City: Putrajaya
Period: 2/9/15 to 3/9/15

Fingerprint

Intrusion detection
Support vector machines
Classifiers
Testing
Experiments

Keywords

  • Intrusion detection system
  • K-means
  • Multi-level SVM
  • Network security
  • Support vector machine

ASJC Scopus subject areas

  • Computer Science (all)

Cite this

Al-Yaseen, W. L., Ali Othman, Z., & Ahmad Nazri, M. Z. (2015). Intrusion detection system based on modified k-means and multi-level support vector machines. In Communications in Computer and Information Science (Vol. 545, pp. 265-274). (Communications in Computer and Information Science; Vol. 545). Springer Verlag. https://doi.org/10.1007/978-981-287-936-3_25

@inproceedings{073f9d97e8d34eb38ec0e7bfe5d3865a,
title = "Intrusion detection system based on modified k-means and multi-level support vector machines",
abstract = "This paper proposed a multi-level model for intrusion detection that combines the two techniques of modified K-means and support vector machine (SVM). Modified K-means is used to reduce the number of instances in a training data set and to construct new training data sets with high-quality instances. The new, high-quality training data sets are then utilized to train SVM classifiers. Consequently, the multi-level SVMs are employed to classify the testing data sets with high performance. The well-known KDD Cup 1999 data set is used to evaluate the proposed system; 10{\%} KDD is applied for training, and corrected KDD is utilized in testing. The experiments demonstrate that the proposed model effectively detects attacks in the DoS, R2L, and U2R categories. It also exhibits a maximum overall accuracy of 95.71{\%}.",
keywords = "Intrusion detection system, K-means, Multi-level SVM, Network security, Support vector machine",
author = "Al-Yaseen, {Wathiq Laftah} and {Ali Othman}, Zulaiha and {Ahmad Nazri}, {Mohd Zakree}",
year = "2015",
doi = "10.1007/978-981-287-936-3_25",
language = "English",
isbn = "9789812879356",
volume = "545",
series = "Communications in Computer and Information Science",
publisher = "Springer Verlag",
pages = "265--274",
booktitle = "Communications in Computer and Information Science",

}

TY - GEN

T1 - Intrusion detection system based on modified k-means and multi-level support vector machines

AU - Al-Yaseen, Wathiq Laftah

AU - Ali Othman, Zulaiha

AU - Ahmad Nazri, Mohd Zakree

PY - 2015

Y1 - 2015

AB - This paper proposed a multi-level model for intrusion detection that combines the two techniques of modified K-means and support vector machine (SVM). Modified K-means is used to reduce the number of instances in a training data set and to construct new training data sets with high-quality instances. The new, high-quality training data sets are then utilized to train SVM classifiers. Consequently, the multi-level SVMs are employed to classify the testing data sets with high performance. The well-known KDD Cup 1999 data set is used to evaluate the proposed system; 10% KDD is applied for training, and corrected KDD is utilized in testing. The experiments demonstrate that the proposed model effectively detects attacks in the DoS, R2L, and U2R categories. It also exhibits a maximum overall accuracy of 95.71%.

KW - Intrusion detection system

KW - K-means

KW - Multi-level SVM

KW - Network security

KW - Support vector machine

UR - http://www.scopus.com/inward/record.url?scp=84946022029&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84946022029&partnerID=8YFLogxK

U2 - 10.1007/978-981-287-936-3_25

DO - 10.1007/978-981-287-936-3_25

M3 - Conference contribution

AN - SCOPUS:84946022029

SN - 9789812879356

VL - 545

T3 - Communications in Computer and Information Science

SP - 265

EP - 274

BT - Communications in Computer and Information Science

PB - Springer Verlag

ER -