Introducing a Classification Model Based on SVM for Network Intrusion Detection

  • Ghodratolah Dastfal
  • Samad NejatianEmail author
  • Hamid Parvin
  • Vahideh Rezaie
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10632)


Intrusion Detection Systems are designed to provide security into computer networks. In this article, we used rough sets theory for feature selection to enhance support vector machine in intrusion detection. Testing and evaluation of the proposed method has been performed mainly on NSL-KDD data sets as a corrected version of KDD-CUP99. Experimental results indicate that the proposed method shows a good performance in providing high precision, intrusion detection readout, less error notification rate and more detailed detection compared to its basic and simpler methods.


Intrusion detection Support vector machine Data size reduction Feature selection IDS 


  1. 1.
    Endorf, C., Eugene, S., Mellander, J.: Intrusion Detection & Prevention. McGraw-Hill, New York (2004)Google Scholar
  2. 2.
    Santos, I., Sanz, B., Laorden, C., Brezo, F., Bringas, P.G.: Opcode-sequence-based semi-supervised unknown malware detection. Comput. Intell. Secur. Inf. Syst. 6694, 50–57 (2011)Google Scholar
  3. 3.
    Alishvandi, H., Gouraki, G.H., Parvin, H.: An enhanced dynamic detection of possible invariants based on best permutation of test cases. Comput. Syst. Sci. Eng. 31(1), 53–61 (2016)Google Scholar
  4. 4.
    Parvin, H., Minaei-Bidgoli, B., Alinejad-Rokny, H.: A new imbalanced learning and dictions tree method for breast cancer diagnosis. J. Bionanosci. 7(6), 673–678 (2013)CrossRefGoogle Scholar
  5. 5.
    Parvin, H., Alinejad-Rokny, H., Minaei-Bidgoli, B., Parvin, S.: A new classifier ensemble methodology based on subspace learning. J. Exp. Theor. Artif. Intell. 25(2), 227–250 (2013)CrossRefGoogle Scholar
  6. 6.
    Parvin, H., Minaei-Bidgoli, B., Alinejad-Rokny, H., Punch, W.F.: Data weighing mechanisms for clustering ensembles. Comput. Electr. Eng. 39(5), 1433–1450 (2013)CrossRefGoogle Scholar
  7. 7.
    Parvin, H., Alizadeh, H., Minaei-Bidgoli, B.: A New method for constructing classifier ensembles. JDCTA 3(2), 62–66 (2009)CrossRefGoogle Scholar
  8. 8.
    Parvin, H., Alinejad-Rokny, H., Asadi, M.: An ensemble based approach for feature selection. J. Appl. Sci. Res. 7(9), 33–43 (2011)Google Scholar
  9. 9.
    Parvin, H., Alizadeh, H., Minaei-Bidgoli, B., Analoui, M.: CCHR: combination of classifiers using heuristic retraining. In: International Conference on Networked Computing and Advanced Information Management (NCM 2008) (2008)Google Scholar
  10. 10.
    Parvin, H., Alizadeh, H., Fathy, M., Minaei-Bidgoli, B.: Improved face detection using spatial histogram features. In: IPCV 2008, pp. 381–386 (2008)Google Scholar
  11. 11.
    Parvin, H., Alinejad-Rokny, H., Parvin, S.: A classifier ensemble of binary classifier ensembles. Int. J. Learn. Manag. Syst. 1(2), 37–47 (2013)CrossRefGoogle Scholar
  12. 12.
    Parvin, H., Minaei-Bidgoli, B.: A clustering ensemble framework based on elite selection of weighted clusters. Adv. Data Anal. Classif. 7(2), 181–208 (2013)MathSciNetCrossRefGoogle Scholar
  13. 13.
    Alizadeh, H., Minaei-Bidgoli, B., Parvin, H.: Optimizing fuzzy cluster ensemble in string representation. IJPRAI 27(2), 1350005 (2013)MathSciNetGoogle Scholar
  14. 14.
    Parvin, H., Beigi, A., Mozayani, N.: A clustering ensemble learning method based on the ant colony clustering algorithm. Int. J. Appl. Comput. Math. 11(2), 286–302 (2012)MathSciNetGoogle Scholar
  15. 15.
    Alizadeh, H., Minaei-Bidgoli, B., Parvin, H.: To improve the quality of cluster ensembles by selecting a subset of base clusters. J. Exp. Theor. Artif. Intell. 26(1), 127–150 (2014)CrossRefGoogle Scholar
  16. 16.
    Alizadeh, H., Minaei-Bidgoli, B., Parvin, H.: Cluster ensemble selection based on a new cluster stability measure. Intell. Data Anal. 18(3), 389–408 (2014)CrossRefGoogle Scholar
  17. 17.
    Minaei-Bidgoli, B., Parvin, H., Alinejad-Rokny, H., Alizadeh, H., Punch, W.F.: Effects of resampling method and adaptation on clustering ensemble efficacy. Artif. Intell. Rev. 41(1), 27–48 (2014)CrossRefGoogle Scholar
  18. 18.
    Parvin, H., Minaei-Bidgoli, B.: A clustering ensemble framework based on selection of fuzzy weighted clusters in a locally adaptive clustering algorithm. Pattern Anal. Appl. 18(1), 87–112 (2015)MathSciNetCrossRefGoogle Scholar
  19. 19.
    Parvin, H., Mirnabibaboli, M., Alinejad-Rokny, H.: Proposing a classifier ensemble framework based on classifier selection and decision tree. Eng. Appl. Artif. Intell. 37, 34–42 (2015)CrossRefGoogle Scholar
  20. 20.
    Parvin, H., Mohammadi, M., Rezaei, Z.: Face identification based on Gabor-wavelet features. Int. J. Digit. Content Technol. Appl. 6(1), 247–255 (2012)CrossRefGoogle Scholar
  21. 21.
    Bhutan, M.H., Bhattacharyya, D.K., Kalita, J.K.: Network anomaly detection: methods, systems and tools. IEEE Commun. Surv. Tutor. 16(1), 303–336 (2014)CrossRefGoogle Scholar
  22. 22.
    Luxburg, U.V., Bousquet, O.: Distance-based classification with Lipschitz functions. J. Mach. Learn. Res. 5, 669–695 (2004)MathSciNetzbMATHGoogle Scholar
  23. 23.
    Cortes, C., Vapnik, V.: Support-vector network. Mach. Learn. 20, 273–297 (1995)zbMATHGoogle Scholar
  24. 24.
    Zhang, J., Perdisci, R., Lee, W., Luo, X., Sarfraz, U.: Building a scalable system for stealthy P2P-botnet detection. IEEE Trans. Inf. Forensics Secur. 9(1), 27–38 (2014)CrossRefGoogle Scholar
  25. 25.
  26. 26.
    Kuang, F., Xu, W., Zhang, S.: A novel hybrid KPCA and SVM with GA model for intrusion detection. Appl. Soft Comput. 18, 178–184 (2014)CrossRefGoogle Scholar
  27. 27.
    NSL-KDD data set for network-based intrusion detection systems, March 2009.
  28. 28.
    Keshavarz, A., Ghassemian, H., Dehghani, H.: Hierarchical classification of hyperspectral images by using SVMs and neighborhood class property. In: IEEE IGARSS2005, pp. 3219–3222 (2005)Google Scholar
  29. 29.
    Woniakeyot, M., Graña, M., Corchado, E.: A survey of multiple classifier systems as hybrid systems. Inf. Fusion 16, 45–90 (2014)Google Scholar
  30. 30.
    Bijani, S., Robertson, D.: A review of attacks and security approaches in open multi-agent systems. Artif. Intell. Rev. 1–30 (2012)Google Scholar
  31. 31.
    Chebrolu, S., Abraham, A., Thomas, J.P.: Feature deduction and ensemble design of intrusion detection systems. Comput. Secur. 24, 295–307 (2005)CrossRefGoogle Scholar
  32. 32.
    Pawlak, Z.: Rough sets. Int. J. Comput. Inf. Sci. 11(5), 341–356 (1982)CrossRefGoogle Scholar
  33. 33.
    Zhou, J., Hu, L., Wang, F., Lu, H., Zhao, K.: An efficient multidimensional fusion algorithm for IOT data based on partitioning. Tsinghua Sci. Technol. 18, 369–378 (2013)CrossRefGoogle Scholar
  34. 34.
    Zhang, L., Zhang, G., Yu, L., Bai, Y.: Intrusion detection using rough set classification. J. Zhejiang Univ. Sci. 5(9), 1076–1086 (2004)CrossRefGoogle Scholar
  35. 35.
    Chen, R.C., Cheng, K., Hsieh, C.F.: Using rough set and support vector machine for network intrusion detection system. In: Proceedings of the 1st Asian Conference on Intelligent Information and Database Systems, Washington, DC, USA (2009)Google Scholar
  36. 36.
    Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: Proceeding of the 2009 IEEE Symposium on Computational Intelligence in Security and Defense Application (CISDA) (2009)Google Scholar
  37. 37.
    Stolfo, S.J., Fan, W., Prodromidis, A., Chan, P.K., Lee, W.: Cost-sensitive modeling for fraud and intrusion detection: results from the JAM project. In Proceedings of the 2000 DARPA information survivability conference and exposition (2000)Google Scholar
  38. 38.
    Lippmann, R., Haines, J., Fried, D., Korba, J., Das, K.: The 1999 DARPA off-line intrusion detection evaluation. Comput. Netw. 34, 579–595 (2000)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Ghodratolah Dastfal
    • 1
  • Samad Nejatian
    • 2
    • 3
    Email author
  • Hamid Parvin
    • 1
    • 4
  • Vahideh Rezaie
    • 3
    • 5
  1. 1.Department of Computer Engineering, Nourabad Mamasani BranchIslamic Azad UniversityNourabad, MamasaniIran
  2. 2.Department of Electrical Engineering, Yasooj BranchIslamic Azad UniversityYasoojIran
  3. 3.Young Researchers and Elite Club, Yasooj BranchIslamic Azad UniversityYasoojIran
  4. 4.Young Researchers and Elite Club, Nourabad Mamasani BranchIslamic Azad UniversityNourabad, MamasaniIran
  5. 5.Department of Mathematic, Yasooj BranchIslamic Azad UniversityYasoojIran

Personalised recommendations