Multi-level hybrid support vector machine and extreme learning machine based on modified K-means for intrusion detection system

Research output: Contribution to journalArticle

76 Citations (Scopus)

Abstract

Intrusion detection has become essential to network security because of the increasing connectivity between computers. Several intrusion detection systems have been developed to protect networks using different statistical methods and machine learning techniques. This study aims to design a model that deals with real intrusion detection problems in data analysis and classify network data into normal and abnormal behaviors. This study proposes a multi-level hybrid intrusion detection model that uses support vector machine and extreme learning machine to improve the efficiency of detecting known and unknown attacks. A modified K-means algorithm is also proposed to build a high-quality training dataset that contributes significantly to improving the performance of classifiers. The modified K-means is used to build new small training datasets representing the entire original training dataset, significantly reduce the training time of classifiers, and improve the performance of intrusion detection system. The popular KDD Cup 1999 dataset is used to evaluate the proposed model. Compared with other methods based on the same dataset, the proposed model shows high efficiency in attack detection, and its accuracy (95.75%) is the best performance thus far.

Original languageEnglish
Pages (from-to)296-303
Number of pages8
JournalExpert Systems with Applications
Volume67
DOIs
Publication statusPublished - 1 Jan 2017

Fingerprint

Intrusion detection
Support vector machines
Learning systems
Classifiers
Network security
Statistical methods

Keywords

  • Extreme learning machine
  • Intrusion detection system
  • K-means
  • KDD Cup 1999
  • Multi-level
  • Support vector machine

ASJC Scopus subject areas

  • Engineering(all)
  • Computer Science Applications
  • Artificial Intelligence

Cite this

@article{65bb3c54b69640d882727185de7ded0f,
title = "Multi-level hybrid support vector machine and extreme learning machine based on modified K-means for intrusion detection system",
abstract = "Intrusion detection has become essential to network security because of the increasing connectivity between computers. Several intrusion detection systems have been developed to protect networks using different statistical methods and machine learning techniques. This study aims to design a model that deals with real intrusion detection problems in data analysis and classify network data into normal and abnormal behaviors. This study proposes a multi-level hybrid intrusion detection model that uses support vector machine and extreme learning machine to improve the efficiency of detecting known and unknown attacks. A modified K-means algorithm is also proposed to build a high-quality training dataset that contributes significantly to improving the performance of classifiers. The modified K-means is used to build new small training datasets representing the entire original training dataset, significantly reduce the training time of classifiers, and improve the performance of intrusion detection system. The popular KDD Cup 1999 dataset is used to evaluate the proposed model. Compared with other methods based on the same dataset, the proposed model shows high efficiency in attack detection, and its accuracy (95.75{\%}) is the best performance thus far.",
keywords = "Extreme learning machine, Intrusion detection system, K-means, KDD Cup 1999, Multi-level, Support vector machine",
author = "Al-Yaseen, {Wathiq Laftah} and {Ali Othman}, Zulaiha and {Ahmad Nazri}, {Mohd Zakree}",
year = "2017",
month = "1",
day = "1",
doi = "10.1016/j.eswa.2016.09.041",
language = "English",
volume = "67",
pages = "296--303",
journal = "Expert Systems with Applications",
issn = "0957-4174",
publisher = "Elsevier Limited",

}

TY - JOUR

T1 - Multi-level hybrid support vector machine and extreme learning machine based on modified K-means for intrusion detection system

AU - Al-Yaseen, Wathiq Laftah

AU - Ali Othman, Zulaiha

AU - Ahmad Nazri, Mohd Zakree

PY - 2017/1/1

Y1 - 2017/1/1

N2 - Intrusion detection has become essential to network security because of the increasing connectivity between computers. Several intrusion detection systems have been developed to protect networks using different statistical methods and machine learning techniques. This study aims to design a model that deals with real intrusion detection problems in data analysis and classify network data into normal and abnormal behaviors. This study proposes a multi-level hybrid intrusion detection model that uses support vector machine and extreme learning machine to improve the efficiency of detecting known and unknown attacks. A modified K-means algorithm is also proposed to build a high-quality training dataset that contributes significantly to improving the performance of classifiers. The modified K-means is used to build new small training datasets representing the entire original training dataset, significantly reduce the training time of classifiers, and improve the performance of intrusion detection system. The popular KDD Cup 1999 dataset is used to evaluate the proposed model. Compared with other methods based on the same dataset, the proposed model shows high efficiency in attack detection, and its accuracy (95.75%) is the best performance thus far.

AB - Intrusion detection has become essential to network security because of the increasing connectivity between computers. Several intrusion detection systems have been developed to protect networks using different statistical methods and machine learning techniques. This study aims to design a model that deals with real intrusion detection problems in data analysis and classify network data into normal and abnormal behaviors. This study proposes a multi-level hybrid intrusion detection model that uses support vector machine and extreme learning machine to improve the efficiency of detecting known and unknown attacks. A modified K-means algorithm is also proposed to build a high-quality training dataset that contributes significantly to improving the performance of classifiers. The modified K-means is used to build new small training datasets representing the entire original training dataset, significantly reduce the training time of classifiers, and improve the performance of intrusion detection system. The popular KDD Cup 1999 dataset is used to evaluate the proposed model. Compared with other methods based on the same dataset, the proposed model shows high efficiency in attack detection, and its accuracy (95.75%) is the best performance thus far.

KW - Extreme learning machine

KW - Intrusion detection system

KW - K-means

KW - KDD Cup 1999

KW - Multi-level

KW - Support vector machine

UR - http://www.scopus.com/inward/record.url?scp=84990195189&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84990195189&partnerID=8YFLogxK

U2 - 10.1016/j.eswa.2016.09.041

DO - 10.1016/j.eswa.2016.09.041

M3 - Article

VL - 67

SP - 296

EP - 303

JO - Expert Systems with Applications

JF - Expert Systems with Applications

SN - 0957-4174

ER -