Intrusion Detection System Using SVM as Classifier and GA for Optimizing Feature Vectors

Nowadays, IDS is an essential technology for defense in depth. Researchers have interested on IDS using data mining and artificial intelligence (AI) techniques as an artful. IDSs can monitor system behavior and network traffic until detect intrusive action. One of the IDS models is anomaly based IDS which trained to distinguish between normal and abnormal traffic. This paper has proposed an anomaly based IDS using GA for optimizing feature vectors and SVM as a classifier. SVM has used as a supervised learning machine that analyses data and recognize patterns, used for classification and regression analysis. After optimization best features for SVM, IDS can detect abnormal traffic more accurate. There is an innovation in fitness function which is formed from TPR, FPR and the number of selected features. The new fitness function reduced the dimension of the data, increased true positive detection and simultaneously decreased false positive detection. In addition, the computation time for training will also have a remarkable reduction. This study proposes a method which can achieve more stable features in comparison with other techniques. The proposed model has been evaluated test with KDD CUP 99 and UNSW-NB15 datasets. Numeric Results and comparison to other models have been presented.