A Sequential Hybrid Approach for Intrusion Detection System

Chintan M. Bhatt, Amit P. Ganatra, Sahista Machchhar

Abstract


As network attacks have increased in number and severity over the past few years, intrusion detection systems (IDS) are becoming an increasingly critical component of network security. Because of the large volume of security audit data and the complex, dynamic properties of intrusion behaviors, optimizing IDS performance is an important open problem that is receiving more and more attention from the research community. Support Vector Machines (SVMs) are classifiers that were originally designed for binary classification. Classification applications can solve multi-class problems. A decision-tree-based support vector machine, which combines support vector machines and a decision tree, can be an effective way of solving multi-class problems. This method can decrease training and testing time, increasing the efficiency of the system. In this paper we study an algorithm, the hierarchical binary tree multi-class support vector machine (BTMSVM), which has been used for classifying data. A BTMSVM based on class similarity in feature space is improved to overcome drawbacks of existing methods, such as the unclassifiable region. This paper proposes a decision-tree-based algorithm for constructing a multi-class intrusion detection system.

Keywords


Binary Tree Multi-Class Support Vector Machine (BTMSVM), Decision Tree (DT), Intrusion Detection System (IDS), Support Vector Machine (SVM).
