
Toward support-vector machine-based ant colony optimization algorithms for intrusion detection

  • Data analytics and machine learning
Soft Computing

Abstract

One of the major challenges of network traffic analysis is intrusion detection. Intrusion detection systems (IDSs) are designed to detect malicious activities that attempt to compromise the confidentiality, integrity, and assurance of computer systems. Intrusion detection systems have become the most widely employed security technology. The novelty of the proposed research is to develop a system for IDSs. In this research, a support-vector machine (SVM) with ant colony optimization (ACO) is proposed to detect intrusions. Standard data sets, namely Knowledge Discovery and Data Mining (KDD) Cup '99 and Network Security Laboratory (NSL)-KDD, were used to test the proposed system. One of the greatest challenges in a network analysis dataset is dimensionality. To reduce dimensionality, the ant colony optimization algorithm was applied: in the ACO method, a subset of significant features is selected from the entire dataset. These selected features are then passed to the SVM machine learning algorithm for intrusion detection. The empirical results indicate that the SVM with ACO obtained superior accuracy. It is concluded that the SVM-ACO model can more efficiently protect a network system from intrusion.
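As an added illustration of the pipeline the abstract describes (ACO proposes feature subsets, an SVM scores them), and not the paper's own code, the following sketch runs a wrapper search on constructed data. The pheromone rule, the SGD-trained linear SVM, every parameter value and the `make_flows` generator (signal only in columns 2 and 7) are assumptions, since the abstract gives none of these details.

```python
import random

def make_flows(n, n_feat, informative, rng):
    """Constructed data: label +1 = attack, -1 = normal; only `informative` columns carry signal."""
    y = [rng.choice((-1, 1)) for _ in range(n)]
    X = [[rng.gauss(2.0 * lab if j in informative else 0.0, 1.0) for j in range(n_feat)] for lab in y]
    return X, y

def svm_accuracy(X, y, cols, rng, lam=0.01, eta=0.01, epochs=5):
    """Linear SVM via SGD on the L2-regularised hinge loss (no bias: classes centred on 0); hold-out accuracy."""
    split, w = len(X) * 2 // 3, [0.0] * len(cols)
    for _ in range(epochs):
        for i in rng.sample(range(split), split):
            xi = [X[i][c] for c in cols]
            violated = y[i] * sum(a * b for a, b in zip(w, xi)) < 1
            w = [a * (1 - eta * lam) for a in w]                 # regularisation shrink
            if violated:
                w = [a + eta * y[i] * b for a, b in zip(w, xi)]  # hinge sub-gradient step
    test = range(split, len(X))
    return sum(y[i] * sum(a * X[i][c] for a, c in zip(w, cols)) > 0 for i in test) / len(test)

def aco_select(X, y, k, ants=8, iters=6, rho=0.2, seed=7):
    """Ants sample k features in proportion to pheromone; the iteration-best subset is reinforced."""
    rng = random.Random(seed)
    tau = [1.0] * len(X[0])
    best_acc, best_cols = -1.0, []
    for _ in range(iters):
        trails = []
        for _ in range(ants):
            pool, cols = list(range(len(tau))), []
            for _ in range(k):                                   # roulette-wheel pick, no repeats
                pick = rng.choices(pool, weights=[tau[j] for j in pool])[0]
                pool.remove(pick)
                cols.append(pick)
            cols.sort()
            trails.append((svm_accuracy(X, y, cols, rng), cols))
        it_acc, it_cols = max(trails)
        if it_acc > best_acc:
            best_acc, best_cols = it_acc, it_cols
        tau = [(1 - rho) * p for p in tau]                       # evaporation
        for j in it_cols:
            tau[j] += it_acc                                     # deposit on the best trail
    return best_cols, best_acc, tau

if __name__ == "__main__":
    X, y = make_flows(300, 10, {2, 7}, random.Random(1))
    print(aco_select(X, y, k=3))
```

The hold-out accuracy here both steers the search and is the number returned, so it is optimistically biased; a reported detection rate should come from a separate test split that the search never sees.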

Data availability

Enquiries about data availability should be directed to the authors.

Notes

  1. KDD Cup 1999 Data (http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html).

Funding

The authors have not disclosed any funding.

Author information

Corresponding author

Correspondence to Ahmed Abdullah Alqarni.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

About this article

Cite this article

Alqarni, A.A. Toward support-vector machine-based ant colony optimization algorithms for intrusion detection. Soft Comput 27, 6297–6305 (2023). https://doi.org/10.1007/s00500-023-07906-6

  • DOI: https://doi.org/10.1007/s00500-023-07906-6
