Analysis of Machine Learning Techniques Based Intrusion Detection Systems

  • Rupam Kr. Sharma
  • Hemanta Kumar Kalita
  • Parashjyoti Borah
Conference paper
Part of the Smart Innovation, Systems and Technologies book series (SIST, volume 44)


Attacks on computer networks are one of the major threats of using the Internet these days. Intrusion Detection Systems (IDS) are one of the security tools available to detect possible intrusions in a network or on a host. Research has shown that applying machine learning techniques to intrusion detection can achieve a high detection rate as well as a low false positive rate. This paper discusses some commonly used machine learning techniques in intrusion detection systems and also reviews some of the existing machine learning IDS proposed by authors at different times.


Intrusion detection system; Supervised learning; Unsupervised learning; KDD’99; Anomaly detection; Host intrusion system



Copyright information

© Springer India 2016

Authors and Affiliations

  • Rupam Kr. Sharma (1)
  • Hemanta Kumar Kalita (1)
  • Parashjyoti Borah (2)
  1. North Eastern Hills University, Shillong, India
  2. Assam Don Bosco University, Guwahati, India
