Abstract
A novel support vector machine (SVM) model that combines kernel principal component analysis (KPCA) with improved chaotic particle swarm optimization (ICPSO) is proposed for intrusion detection. In the proposed method, a multi-layer SVM classifier is employed to estimate whether an action is an attack, and KPCA is applied as a preprocessor of the SVM to reduce the dimension of the feature vectors and shorten training time. To shorten the training time and improve the performance of the SVM, N-RBF is employed to reduce the noise generated by feature differences, and ICPSO, which introduces chaos optimization and a premature processing mechanism, is presented to optimize the punishment factor C, kernel parameters \(\sigma\) and the tube size \(\varepsilon\) of the SVM. Experimental results illustrate that the improved SVM model has faster computational time and higher predictive accuracy, and that it can also shorten the training time and improve the performance of the SVM.
Acknowledgments
This work was supported in part by the National Natural Science Foundation of China under Grants 61373063 and 61233011, the Science and Technology Department of Hunan Province of China under Grants 2012SK4046 and 2013FJ4217, and the Research Foundation of Education Bureau of Hunan Province of China under Grant 13C086. The authors are grateful to the referees for their suggestions and comments.
Additional information
Communicated by V. Loia.
About this article
Cite this article
Kuang, F., Zhang, S., Jin, Z. et al. A novel SVM by combining kernel principal component analysis and improved chaotic particle swarm optimization for intrusion detection. Soft Comput 19, 1187–1199 (2015). https://doi.org/10.1007/s00500-014-1332-7
DOI: https://doi.org/10.1007/s00500-014-1332-7