Abstract
This paper concerns using support vector machines (SVMs) and artificial neural networks (ANNs) for intrusion detection. We investigate and compare the performance of IDSs using SVMs and ANNs, using a well-known set of intrusion evaluation data gathered by DARPA. Through a variety of comparative experiments, it is found that, with appropriately chosen kernel functions, SVMs outperform ANNs in at least three critical aspects of IDS performance: (1) Accuracy - SVMs achieve very-high accuracy (in the high 90% range) than the best-trained ANNs, (2) Training Time and Testing Time - SVMs' training time and testing time are an order of magnitude faster than ANNs', and (3) Scalability - SVMs scale much better than ANNs. SVMs, therefore, provide suitable tools for building signature-based IDSs. We describe our investigation methodology, report experimental results, and conclude by describing an ongoing effort of a SVM and agents-based IDS that delivers enhanced performance, that possesses enhanced intrusion response capability and that is applicable to wireless networks.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.