A Review of Classification Approaches Using Support Vector Machine in Intrusion Detection

  • Noreen Kausar
  • Brahim Belhaouari Samir
  • Azween Abdullah
  • Iftikhar Ahmad
  • Mohammad Hussain
Part of the Communications in Computer and Information Science book series (CCIS, volume 253)


Presently, Network security is the most concerned subject matter because with the rapid use of internet technology and further dependence on network for keeping our data secure, it’s becoming impossible to protect from vulnerable attacks. Intrusion detection systems (IDS) are the key solution for detecting these attacks so that the network remains reliable. There are different classification approaches used to implement IDS in order to increase their efficiency in terms of detection rate. Support vector machine (SVM) is used for classification in IDS due to its good generalization ability and non linear classification using different kernel functions and performs well as compared to other classifiers. Different Kernels of SVM are used for different problems to enhance performance rate. In this paper, we provide a review of the SVM and its kernel approaches in IDS for future research and implementation towards the development of optimal approach in intrusion detection system with maximum detection rate and minimized false alarms.


Intrusion Detection System (IDS) SVM Kernel RBF Knowledge Discovery and Data Mining (KDD) Defense Advanced Research Projects Agency (DARPA) 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ahmad, I., Abdullah, A.B., Alghamdi, A.S.: Artificial neural network approaches to intrusion detection: a review. In: Proceedings of the 8th Wseas International Conference on Telecommunications and Informatics, Istanbul, Turkey (2009)Google Scholar
  2. 2.
    Kabiri, P., Ghorbani, A.A.: Research on intrusion detection and response: A survey. International Journal of Network Security 1(2), 84–102 (2005)Google Scholar
  3. 3.
    Mitrokotsa, A., Douligeris, C.: Detecting denial of service attacks using emergent self-organizing maps. In: Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology 2005, pp. 375–380 (2005)Google Scholar
  4. 4.
    Yuxin, W., Muqing, W.: Intrusion detection technology based on CEGA-SVM. In: Third International Conference on Security and Privacy in Communications Networks and the Workshops, SecureComm 2007, pp. 244–249 (2007)Google Scholar
  5. 5.
    Denning, D.E.: An Intrusion-Detection Model. IEEE Trans. Softw. Eng. 13(2), 222–232 (1987)CrossRefGoogle Scholar
  6. 6.
    Anderson, J.P.: Computer security threat monitoring and surveillance. Technical Report. pp. 1–56. Ford Washington PA (1980)Google Scholar
  7. 7.
    Ahmad, I., Abdullah, A.B., Alghamdi, A.S.: Application of artificial neural network in detection of DOS attacks. In: Proceedings of the 2nd International Conference on Security of Information and Networks, Famagusta, North Cyprus (2009)Google Scholar
  8. 8.
    Zhu, G., Liao, J.: Research of Intrusion Detection Based on Support Vector Machine. In: International Conference on Advanced Computer Theory and Engineering, pp. 434–438 (2008)Google Scholar
  9. 9.
    Vladimir, V.N.: The Nature of Statistical Learning Theory. Springer, Heidelberg (1995)zbMATHGoogle Scholar
  10. 10.
    Xiao, H., Peng, F., Wang, L., Li, H.: Ad hoc-based feature selection and support vector machine classifier for intrusion detection. In: IEEE International Conference on Grey Systems and Intelligent Services (GSIS 2007), pp. 1117–1121 (2007)Google Scholar
  11. 11.
    Gao, M., Tian, J., Xia, M.: Intrusion Detection Method Based on Classify Support Vector Machine. In: Proceedings of the 2009 Second International Conference on Intelligent Computation Technology and Automation, pp. 391–394 (2009)Google Scholar
  12. 12.
    Ahmad, I., Abdulah, A., Alghamdi, A.: Towards the Designing of a Robust Intrusion Detection System through an Optimized Advancement of Neural Networks. In: Kim, T.-h., Adeli, H. (eds.) AST/UCMA/ISA/ACN 2010. LNCS, vol. 6059, pp. 597–602. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  13. 13.
    Yang, M.-h., Wang, R.-c.: DDoS detection based on wavelet kernel support vector machine. The Journal of China Universities of Posts and Telecommunications 15(3), 59–63, 94 (2008)Google Scholar
  14. 14.
    Kumar, G., Kumar, K., Sachdeva, M.: The use of artificial intelligence based techniques for intrusion detection: a review. Artificial Intelligence Review 34(4), 369–387 (2010)CrossRefGoogle Scholar
  15. 15.
    Mulay, S.A., Devale, P.R., Garje, G.V.: Intrusion Detection System Using Support Vector Machine and Decision Tree. International Journal of Computer Applications 3(3), 40–43 (2010)CrossRefGoogle Scholar
  16. 16.
    Li, C.-C., Guo, A.-l., Li, D.: Combined Kernel SVM and Its Application on Network Security Risk Evaluation. In: International Symposium on Intelligent Information Technology Application Workshops (IITAW 2008), pp. 36–39 (2008)Google Scholar
  17. 17.
    Jiancheng, S.: Fast tuning of SVM kernel parameter using distance between two classes. In: 3rd International Conference on Intelligent System and Knowledge Engineering (ISKE 2008), pp. 108–113 (2008)Google Scholar
  18. 18.
    Broomhead, D.S., Lowe, D.: Multivariable Functional Interpolation and Adaptive Networks. Complex Systems 2, 321–355 (1988)MathSciNetzbMATHGoogle Scholar
  19. 19.
    Yuan, J., Li, H., Ding, S., Cao, L.: Intrusion Detection Model Based on Improved Support Vector Machine. In: Proceedings of the 2010 Third International Symposium on Intelligent Information Technology and Security Informatics, pp. 465–469 (2010)Google Scholar
  20. 20.
    Yendrapalli, K., Mukkamala, S., Sung, A.H., Ribeiro, B.: Biased Support Vector Machines and Kernel Methods for Intrusion Detection. In: Proceedings of the World Congress on Engineering (WCE 2007), London, U.K (2007)Google Scholar
  21. 21.
    Yuancheng, L., Zhongqiang, W., Yinglong, M.: An intrusion detection method based on KICA and SVM. In: 7th World Congress on Intelligent Control and Automation (WCICA 2008), pp. 2141–2144 (2008)Google Scholar
  22. 22.
    Yuan, R., Li, Z., Guan, X., Xu, L.: An SVM-based machine learning method for accurate internet traffic classification. Information Systems Frontiers 12(2), 149–156 (2010)CrossRefGoogle Scholar
  23. 23.
    Zaman, S., Karray, F.: Features Selection for Intrusion Detection Systems Based on Support Vector Machines. In: 6th IEEE Consumer Communications and Networking Conference (CCNC 2009), pp. 1–8 (2009)Google Scholar
  24. 24.
    Rung-Ching, C., Kai-Fan, C., Ying-Hao, C., Chia-Fen, H.: Using Rough Set and Support Vector Machine for Network Intrusion Detection System. In: First Asian Conference on Intelligent Information and Database Systems (ACIIDS 2009), pp. 465–470 (2009)Google Scholar
  25. 25.
    Chen, R.C., Chen, S.P.: Intrusion Detection Using a Hybrid Support Vector Machine Based on Entropy and TF-IDF. International Journal of Innovative Computing, Information and Control (IJICIC) 4(2), 413–424 (2008)Google Scholar
  26. 26.
    Guan, X., Guo, H., Chen, L.: Network intrusion detection method based on Agent and SVM. In: The 2nd IEEE International Conference on Information Management and Engineering (ICIME), pp. 399–402 (2010)Google Scholar
  27. 27.
    Xiaomei, Y., Peng, W.: Security audit system using Adaptive Genetic Algorithm and Support Vector Machine. In: 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE), pp. 265–268 (2010)Google Scholar
  28. 28.
    Ahmad, I., Abdullah, A.B., Alghamdi, A.S., Hussain, M.: Distributed Denial of Service attack detection using Support Vector Machine. Journal of Formation-Tokyo, 127–134 (2010)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Noreen Kausar
    • 1
  • Brahim Belhaouari Samir
    • 2
  • Azween Abdullah
    • 1
  • Iftikhar Ahmad
    • 3
  • Mohammad Hussain
    • 4
  1. 1.Department of Computer and Information SciencesUniversiti Teknologi PETRONASPerakMalaysia
  2. 2.Department of Fundamental and Applied SciencesUniversiti Teknologi PETRONASPerakMalaysia
  3. 3.Department of Software Engineering, College of Computer and Information SciencesKing Saud UniversityRiyadhKingdom of Saudi Arabia
  4. 4.Department of Computer ScienceKing Saud UniversityRiyadhKingdom of Saudi Arabia

Personalised recommendations