Title: A hybrid PSO-SVM model for network intrusion detection

Authors: Ye Bi

Addresses: Engineering Training Center, Shanghai Second Polytechnic University, Shanghai 201209, China

Abstract: This paper concentrates on the problem of network intrusion detection, which is an important problem in informatisation construction. We utilise the incremental support vector machine (SVM) to solve the network intrusion detection problem, and the SVM classification problem can be tackled by a decision function via a quadratic program. Particularly, the incremental SVM is used to train an SVM classifier with a partition of the given dataset; at the same time, support vectors at every step are reserved and the training set for the next iteration is constructed. Furthermore, the crucial problem of the incremental SVM is to impose the (Karush-Kuhn-Tucker) KKT conditions on the training dataset when adding a new vector. Moreover, to optimise parameters in the incremental SVM, particle swarm optimisation is utilised. If there is at least one sample in the set incremental training sample dataset, which cannot satisfy the KKT condition, the SVM classifiers to detect network intrusion can be obtained. To make performance evaluation of the proposed algorithm, experiments are conducted using the 'KDD Cup 1999' dataset. Experimental results demonstrate that compared with other corresponding methods, the proposed algorithm can effectively detect network intrusion behaviours with high accuracy rate and low time consumption.

Keywords: network intrusion detection; PSO; particle swarm optimisation; incremental SVM; support vector machines; network security; quadratic programming.

DOI: 10.1504/IJSN.2016.079258

International Journal of Security and Networks, 2016 Vol.11 No.4, pp.196 - 203

Received: 14 Mar 2015
Accepted: 14 Mar 2015

Published online: 26 Sep 2016 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article