An Adaptive IDS Model Based on Swarm Intelligence and Support Vector Machine

Intrusion detection system looks for unusual or suspicious activity, such as patterns of network traffics that are likely indicators of unauthorized activity. New intrusion types, of which detection systems are unaware, are the most difficult to detect. The amount of available network audit data instances is usually large, human labeling is tedious, time-consuming, and expensive. In this paper we present support vector machine approach to data clustering. Support vector machine is used to initially create raw clusters and then these clusters are refined using artificial fuzzy ants clustering (AFAC). AFAC that has been developed as swarm intelligence techniques. The Algorithm uses ant colony optimization principle to find good partitions of the data. Certain unnecessary complications of the original algorithm are discussed and means of overcoming these complexities are proposed. We propose artificial fuzzy ants clustering (AFAC) in the second stage for refinement mean of overcoming these complexities are proposed. Our approach allows us to recognize not only known attacks but also to detect suspicious activity that may be the result of a new, unknown attack. The experimental results on knowledge discovery and data mining-(KDDCup 1999)