Intrusion Detection using k-mean Algorithm via Support Vector Machine

Existing security technologies cannot realistically prevent every security breach, so intrusion detection plays an important role in network security. However, many current intrusion detection systems (IDSs) are signature-based. A signature-based IDS, also known as misuse detection, looks for a specific signature to match, which signals an intrusion. Given the signatures or patterns, such systems can detect many or all known attack patterns, but they are of little use against as-yet-unknown attack methods. Their false-positive rate is small to nil, but they are poor at detecting new attacks, variations of known attacks, or attacks that can be masked as normal behavior. Statistical-based intrusion detection systems (SBIDS) can alleviate many of these pitfalls and perform better than signature-based IDSs at novelty detection, i.e. the detection of new attacks, which is very important for an intrusion detection system.

Researchers have evaluated various classification techniques for intrusion detection. This work evaluates a support vector machine (SVM) based classifier on a benchmark dataset. This dissertation explores non-linear SVMs, both binary and multiclass, on the KDD 1999 dataset. A non-linear SVM maps the input features to a feature space by means of a kernel function. The dissertation evaluates the performance of the SVM with different kernel functions and also tries to find the optimal kernel function using a kernel width delimiter.