Support Vector Machine with Grid Search Cross-Validation for Network Intrusion Detection in Cloud

N. Sujata  Kumari; Naresh  Vurukonda

Authors

N. Sujata Kumari Research scholar, Department of Computer Science & Engineering, Koneru Lakshmaiah Education Foundation, Vaddeswaram, AP, India
Naresh Vurukonda Associate Professor, Department of Computer Science & Engineering, Koneru Lakshmaiah Education Foundation, Vaddeswaram, AP, India

Keywords:

Grid search cross validation, Intrusion detection system, Label encoding, Principal component analysis, Robust scalar, Support vector machine

Abstract

An Intrusion Detection System (IDS) is the process of monitoring a system that detects suspicious activities and produces alerts when they are detected. The Network Intrusion Detection System (NIDS) analyzes traffic across all subnets to identify any data flows originating from subnets associated with known attack patterns. The drawback of NIDS is it gives more frequent false positives than the actual threats and it can be reduced by tuning the IDS. In this research, the Support Vector Machine (SVM) with Grid Search cross-validation (CV) is proposed for the network intrusion detection system. The dataset utilized for research is NSL-KDD and the pre-processing techniques utilized are data cleaning, label encoding and robust scalar. The Principal Component Analysis (PCA) is utilized as a feature selection technique and detection is performed by SVM that is optimized by grid search cross validation. The proposed algorithm superiorly detected the network intrusion with less noise and false positives. The proposed algorithm is evaluated by utilizing performance measures of accuracy, precision, recall and f1-score. The proposed algorithm attained high accuracy 99.53%, precision 99.26%, recall 99.18% and f1-score 99.22% which is comparatively superior to other existing methods like Naive Bayes (NB), Random Forest (RF), and Logistic Regression (LR).

Downloads

Download data is not yet available.

References

M. Chalé and N. D. Bastian, “Generating realistic cyber data for training and evaluating machine learning classifiers for network intrusion detection systems,” Expert Syst. Appl., vol. 207, p. 117936, Nov. 2022. https://doi.org/10.1016/j.eswa.2022.117936

P. B. Udas, Md. E. Karim, and K. S. Roy, “SPIDER: A shallow PCA based network intrusion detection system with enhanced recurrent neural networks,” J. King Saud Univ. Comput. Inf. Sci., vol. 34, no. 10B, pp. 10246–10272, 2022. https://doi.org/10.1016/j.jksuci.2022.10.019

C. Park, J. Lee, Y. Kim, J.-G. Park, H. Kim, and D. Hong, “An Enhanced AI-Based Network Intrusion Detection System Using Generative Adversarial Networks,” IEEE Internet Things J., vol. 10, no. 3, pp. 2330–2345, 2023. doi: 10.1109/JIOT.2022.3211346

V. Ravi, R. Chaganti, and M. Alazab, “Recurrent deep learning-based feature fusion ensemble meta-classifier approach for intelligent network intrusion detection system,” Comput. Electr. Eng., vol. 102, p. 108156, 2022. https://doi.org/10.1016/j.compeleceng.2022.108156

A. Halbouni, T. S. Gunawan, M. H. Habaebi, M. Halbouni, M. Kartiwi, and R. Ahmad, “CNN-LSTM: Hybrid Deep Neural Network for Network Intrusion Detection System,” IEEE Access, vol. 10, pp. 99837–99849, 2022. doi: 10.1109/ACCESS.2022.3206425.

S. Rizvi, M. Scanlon, J. McGibney, and J. Sheppard, “Deep Learning Based Network Intrusion Detection System for Resource-Constrained Environments,” International Conference on Digital Forensics and Cyber Crime, vol. 508, S. Goel, P. Gladyshev, A. Nikolay, G. Markowsky, and D. Johnson, eds., Cham: Springer Nature Switzerland, 2023, pp. 355–367. https://doi.org/10.1007/978-3-031-36574-4_21

E. Gyamfi and A. D. Jurcut, “Novel Online Network Intrusion Detection System for Industrial IoT Based on OI-SVDD and AS-ELM,” IEEE Internet Things J., vol. 10, no. 5, pp. 3827–3839, 2023. DOI: 10.1109/JIOT.2022.3172393

S. Sivamohan and S. S. Sridhar, “An optimized model for network intrusion detection systems in industry 4.0 using XAI based Bi-LSTM framework,” Neural Comput. Appl., vol. 35, no. 15, pp. 11459–11475, 2023. https://doi.org/10.1007/s00521-023-08319-0

H. Asad and I. Gashi, “Dynamical analysis of diversity in rule-based open source network intrusion detection systems,” Empirical Software Eng., vol. 27, no. 1, p. 4, 2022. https://doi.org/10.1007/s10664-021-10046-w

R. Chowdhury, S. Sen, A. Roy, and B. Saha, “An optimal feature based network intrusion detection system using bagging ensemble method for real-time traffic analysis,” Multimedia Tools Appl., vol. 81, no. 28, pp. 41225–41247, 2022. https://doi.org/10.1007/s11042-022-12330-3

X.-H. Nguyen, X.-D. Nguyen, H.-H. Huynh, and K.-H. Le, “Realguard: A Lightweight Network Intrusion Detection System for IoT Gateways,” Sensors, vol. 22, no. 2, p. 432, 2022. https://doi.org/10.3390/s22020432

D. N. Mhawi, A. Aldallal, and S. Hassan, “Advanced Feature-Selection-Based Hybrid Ensemble Learning Algorithms for Network Intrusion Detection Systems,” Symmetry, vol. 14, no. 7, p. 1461, 2022. https://doi.org/10.3390/sym14071461

L. Yang, Y. Song, S. Gao, A. Hu, and B. Xiao, “Griffin: Real-Time Network Intrusion Detection System via Ensemble of Autoencoder in SDN,” IEEE Trans. Netw. Serv. Manage., vol. 19, no. 3, pp. 2269–2281, 2022. DOI: 10.1109/TNSM.2022.3175710

C. Zhang, X. Costa-Perez, and P. Patras, “Adversarial Attacks Against Deep Learning-Based Network Intrusion Detection Systems and Defense Mechanisms,” IEEE/ACM Trans. Networking, vol. 30, no. 3, pp. 1294–1311, 2022. DOI: 10.1109/TNET.2021.3137084

M.A. Haq, M.A. Rahim Khan and T. AL-Harbi, “Development of PCCNN-Based Network Intrusion Detection System for EDGE Computing,” Computers, Materials & Continua, vol. 71, no. 1, pp. 1769–1788, 2022. https://doi.org/10.32604/cmc.2022.018708

M. Vishwakarma and N. Kesswani, “A new two-phase intrusion detection system with Naïve Bayes machine learning for data classification and elliptic envelop method for anomaly detection,” Decision Analytics Journal, vol. 7, p. 100233, 2023. https://doi.org/10.1016/j.dajour.2023.100233

W. Wang, X. Du, D. Shan, R. Qin, and N. Wang, “Cloud Intrusion Detection Method Based on Stacked Contractive Auto-Encoder and Support Vector Machine,” IEEE Trans. Cloud Comput., vol. 10, no. 3, pp. 1634–1646, 2022. Doi: 10.1109/TCC.2020.3001017

A.S. Alfoudi, M.R. Aziz, Z.A.A. Alyasseri, A.H. Alsaeedi, R. R. Nuiaa, M.A. Mohammed, K.H. Abdulkareem and M.M. Jaber “Hyper clustering model for dynamic network intrusion detection,” IET Commun., p. cmu2.12523, 2022. https://doi.org/10.1049/cmu2.12523

S. Mohamed and R. Ejbali, “Deep SARSA-based reinforcement learning approach for anomaly network intrusion detection system,” Int. J. Inf. Secur., vol. 22, no. 1, pp. 235–247, 2023. https://doi.org/10.1007/s10207-022-00634-2

S. M. Kasongo, “A deep learning technique for intrusion detection system using a Recurrent Neural Networks based framework,” Comput. Commun., vol. 199, pp. 113–125, 2023. https://doi.org/10.1016/j.comcom.2022.12.010

H. Alazzam, A. Sharieh, and K. E. Sabri, “A lightweight intelligent network intrusion detection system using OCSVM and Pigeon inspired optimizer,” Appl. Intell., vol. 52, no. 4, pp. 3527–3544, 2022. https://doi.org/10.1007/s10489-021-02621-x

S. Hosseini and S. R. Sardo, “Network intrusion detection based on deep learning method in internet of thing,” J. Reliab. Intell. Environ., vol. 9, no. 2, pp. 147–159, 2023. https://doi.org/10.1007/s40860-021-00169-8

B. Cao, C. Li, Y. Song, and X. Fan, “Network Intrusion Detection Technology Based on Convolutional Neural Network and BiGRU,” Comput. Intell. Neurosci., vol. 2022, pp. 1–20, 2022. https://doi.org/10.1155/2022/1942847

Dataset link: https://www.kaggle.com/datasets/hassan06/nslkdd

Support Vector Machine with Grid Search Cross-Validation for Network Intrusion Detection in Cloud

Authors

Keywords:

Abstract

Downloads

References

Downloads

Published

How to Cite

Issue

Section

License

Similar Articles

Announcements

Information for Authors

ijisae

Information

trindex