On the KDD’99 Dataset: Support Vector Machine Based Intrusion Detection System (IDS) with Different Kernels

The success of any Intrusion Detection System (IDS) is a complicated problem due to its nonlinearity and the quantitative or qualitative network traffic data stream with many features. To get rid of this problem, several types of intrusion detection methods have been proposed and shown different levels of accuracy. This is why, the choice of the effective and robust method for IDS is very important topic in information security. Support vector machine (SVM) has been employed to provide potential solutions for the IDS problem. However, the practicability of SVM is affected due to the difficulty of selecting appropriate kernel and its parameters. Thus, this paper is aimed to use different kernel on the KDD’99 Dataset and find out which is best for SVM based intrusion detection system. In this work, we have developed a new data set, KDD99Train+ and KDD99Test+, which does not include any redundant records in the train set as well as in the test set which was an inherent problem of KDD’99 dataset, so the classifiers will not be biased towards more frequent records. The experimental results indicate that RBF kernel can achieve higher detection ratethan others kernel like Linear and polynomial kernelin the same time. RBF kernel also shows lower false negative rate thanpolynomial kernel.