Enhanced intrusion detection capabilities via weighted chi-square, discretization and SVM

Anomaly Intrusion Detection Systems (ADSs) identify patterns of network data behaviour to determine whether they are normal or represent an attack using the learning detection model. Much research has been conducted on enhancing ADSs particularly in the area of data mining that focuses on intrusive...


Bibliographic Details
Main Authors: Mohamed Yassin, Warusia, Abdollah, Mohd Faizal, Mas'ud, Mohd Zaki, Yusof, Robiah, Abdullah, Raihana Syahirah, Muda, Zaiton
Format: Article
Language: English
Published: Little Lion Scientific 2018
Online Access: http://psasir.upm.edu.my/id/eprint/72575/
http://psasir.upm.edu.my/id/eprint/72575/1/Enhanced%20intrusion%20detection%20capabilities%20.pdf
building UPM Institutional Repository
collection Online Access
description Anomaly Intrusion Detection Systems (ADSs) identify patterns of network data behaviour to determine whether they are normal or represent an attack using the learning detection model. Much research has been conducted on enhancing ADSs, particularly in the area of data mining that focuses on intrusive behaviour detection. Unfortunately, the current detection models such as the support vector machine (SVM) are affected by high-dimensional data, which limits their ability to accurately classify data. Moreover, the data points which appear similar between intrusive and regular behaviours could be problematic, as some innovated attack behaviours may not be detected. To overcome this SVM drawback, we propose a combination of weighted chi-square (WCS) as a feature selection (FS) and a Discretization process (D). The WCS method is used first to reduce the dimensionality of the data, after which the assembled records are transformed into interval values via the D process, before the SVM is used to identify groups of samples that behave similarly and dissimilarly, such as malicious and non-malicious activities. Experiments were performed with the well-known NSL-KDD data sets, and the results show that the proposed method, namely WCS-D-SVM (weighted chi-square, discretization and support vector machine), significantly improved and enhanced accuracy and detection rates while decreasing the false positives which the single SVM classifier produces.
first_indexed 2025-11-15T11:53:00Z
format Article
id upm-72575
institution Universiti Putra Malaysia
institution_category Local University
language English
last_indexed 2025-11-15T11:53:00Z
publishDate 2018
publisher Little Lion Scientific
recordtype eprints
repository_type Digital Repository
spelling upm-72575 2020-11-03T04:19:02Z http://psasir.upm.edu.my/id/eprint/72575/
Little Lion Scientific 2018-09 Article PeerReviewed text en http://psasir.upm.edu.my/id/eprint/72575/1/Enhanced%20intrusion%20detection%20capabilities%20.pdf Mohamed Yassin, Warusia and Abdollah, Mohd Faizal and Mas'ud, Mohd Zaki and Yusof, Robiah and Abdullah, Raihana Syahirah and Muda, Zaiton (2018) Enhanced intrusion detection capabilities via weighted chi-square, discretization and SVM. Journal of Theoretical and Applied Information Technology, 96 (18). 6006 - 6017. ISSN 1992-8645; ESSN: 1817-3195 http://www.jatit.org/volumes/ninetysix18.php