A multiclass SVM classification approach for intrusion detection

Abstract

As the number of threats to the computer network and network-based applications is increasing, there is a need for a robust intrusion detection system that can ensure security against threats. To detect and defend against a specific attack, the pattern of the attack should be known a priori. Classification of attacks is a useful way to identify the unique patterns of different type of attack. As a result, KDDCup99, NSLKDD and GureKDD datasets are used in this experiment to improve the learning process and study different attack patterns thoroughly. This paper proposed a multi-class Support Vector Machine classifier(MSVM), using one versus all method, to identify one attack uniquely, which in turn helps to defend against the known as well as unknown attacks. Experimentally, the proposed scheme provides better detection accuracy, fewer false positives, and lesser training and generalization error in comparison to the existing approach.