Karafan Journal

Detection of network penetration by data mining and using machine learning via SVM algorithm

Document Type: Original Article

Authors
1 Faculty Member, Department of Electrical and Computer Engineering, Faculty of Shahid Dadbin, Kerman branch, Technical and Vocational University (TVU), Kerman, Iran.
2 MA Student, Department of Information Technology, Faculty of E-Learning, Shiraz University, Shiraz, Iran.
Abstract
Computer networks are spreading widely, and one of the most outstanding challenges in computer network security is detecting intrusions into networks. One of the main tools for detection is controlling network traffic and analyzing users' behavior. One way of accomplishing this is to set up classifications that identify the patterns in huge volumes of data. By applying data mining methods, introducing a binary label (normal pack, abnormal pack), and specifying the priority of data, abnormal data is detected, which increases the accuracy of network intrusion detection and in turn improves and maintains network security. In this paper, the SVM algorithm is analyzed in terms of priorities, and the effect of the machine learning algorithm on the accuracy of intrusion detection is investigated. The results show that using SVM is more advantageous than past approaches, yielding better detection and increasing accuracy and correct alarm detection.

Volume 17, Issue 4 - Serial Number 50
Technical and Engineering
Winter 2021
Pages 13-34

  • Receive Date 26 January 2020
  • Revise Date 11 December 2020
  • Accept Date 24 January 2021