Title: An ECOSVS-based support vector machine for network anomaly detection

Authors: Meenal Jain; Vikas Saxena

Addresses: Department of CSE&IT, JIIT, Noida, Sector 62, Noida, India; Department of CSE&IT, JIIT, Noida, Sector 62, Noida, India

Abstract: This paper introduces and evaluates the support vector machine (SVM) classification technique for classifying normal and attack traffic in the Spark distributed environment. In terms of classification speed, SVM suffers from high time and memory training complexities, which depend on the training set size. The authors propose an effective correlation-based support vector selection (ECOSVS) algorithm for SVM speed optimisation. ECOSVS-based SVM performed better than three other supervised classifiers, namely logistic regression (LR), decision tree (DT), and random forest (RF), in terms of accuracy and training time. Apache Spark's RDD structure was used for the detection of network-based anomalies. The algorithm was analysed on two publicly available network datasets, namely the Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD) dataset and the Coburg Intrusion Detection Datasets (CIDDS-2017). The results showed that our proposed algorithm reduced the training set size of NSL-KDD and CIDDS-2017 datasets to 99.3% and 85%, respectively. Accuracies of 80% and 87% for the ECOSVS-based SVM classifier were achieved.

Keywords: ECOSVS; support vector machine; SVM; anomaly detection; Apache Spark.

DOI: 10.1504/IJDATS.2022.121513

International Journal of Data Analysis Techniques and Strategies, 2022 Vol.14 No.1, pp.32 - 54

Accepted: 14 Jul 2021
Published online: 16 Mar 2022
