An intrusion detection approach using ensemble Support Vector Machine based Chaos Game Optimization algorithm in big data platform

Abstract

The mainstream computing technology is not efficient in managing massive data and detecting network traffic intrusions, often including big data. The intrusions present in sustained network traffic and the massive host log event data cannot be effectively managed by conventional analytical tools, resulting in a huge number of false positives and a longer training time. This paper presents a novel technique to enhance the intrusion detection process by handling the fundamental big data complexities associated with different forms of heterogeneous security data. To achieve the earlier objective, the ensemble Support Vector Machine (SVM) is integrated with the Chaos Game Optimization (CGO) algorithm. The proposed methodology improves the intrusion classification accuracy and also identifies nine different types of attacks present in the UNSW-NB15 dataset. The efficiency of the proposed methodology is evaluated using statistical analysis and different performance metrics such as precision, recall, F1-score, accuracy, ROC curve, and confusion matrix by comparing it with different baseline models. The proposed methodology obtains an accuracy of 96.29% when compared to the chi-SVM (89.12%) and an improvement of 6.47% is noted in the proposed methodology in terms of accuracy when compared with the chi-SVM. The higher classification accuracy shows that the proposed methodology exhibit a fewer number of false positives when handling the security events in big data platforms.