Title :
Artificial intelligent techniques for intrusion detection
Author :
Mukkamala, Srinivas ; Sung, Andrew H.
Author_Institution :
Dept. of Comput. Sci., New Mexico Tech, Socorro, NM, USA
Abstract :
This paper concerns using support vector machines (SVMs) and artificial neural networks (ANNs) for intrusion detection. We investigate and compare the performance of IDSs using SVMs and ANNs, using a well-known set of intrusion evaluation data gathered by DARPA. Through a variety of comparative experiments, it is found that, with appropriately chosen kernel functions, SVMs outperform ANNs in at least three critical aspects of IDS performance: (1) Accuracy - SVMs achieve very-high accuracy (in the high 90% range) than the best-trained ANNs, (2) Training Time and Testing Time - SVMs´ training time and testing time are an order of magnitude faster than ANNs´, and (3) Scalability - SVMs scale much better than ANNs. SVMs, therefore, provide suitable tools for building signature-based IDSs. We describe our investigation methodology, report experimental results, and conclude by describing an ongoing effort of a SVM and agents-based IDS that delivers enhanced performance, that possesses enhanced intrusion response capability and that is applicable to wireless networks.
Keywords :
learning (artificial intelligence); neural nets; security of data; support vector machines; DARPA; SVM; agents based IDS; artificial intelligent techniques; artificial neural networks; intrusion detection system; intrusion evaluation data; intrusion response capability; kernel functions; scalability; signature based IDS; support vector machines; testing time; training time; wireless networks; Artificial intelligence; Artificial neural networks; Computer science; Intelligent networks; Intrusion detection; Machine intelligence; Neural networks; Scalability; Support vector machines; Testing;
Conference_Titel :
Systems, Man and Cybernetics, 2003. IEEE International Conference on
Print_ISBN :
0-7803-7952-7
DOI :
10.1109/ICSMC.2003.1244585
