Reducing U2R and R2L category false negative rates with support vector machines

Maček Nemanja; Milosavljević Milan

doi:10.2298/SJEE131007015M

Serbian Journal of Electrical Engineering (Jan 2014)

Reducing U2R and R2L category false negative rates with support vector machines

Maček Nemanja,
Milosavljević Milan

Affiliations

Maček Nemanja: School of Electrical Engineering and Computing of Applied Studies, Belgrade
Milosavljević Milan: Singidunum University, Belgrade + School of Electrical Engineering, Belgrade

DOI: https://doi.org/10.2298/SJEE131007015M
Journal volume & issue: Vol. 11, no. 1
pp. 175 – 188

Abstract

Read online

The KDD Cup '99 is commonly used dataset for training and testing IDS machine learning algorithms. Some of the major downsides of the dataset are the distribution and the proportions of U2R and R2L instances, which represent the most dangerous attack types, as well as the existence of R2L attack instances identical to normal traffic. This enforces minor category detection complexity and causes problems while building a machine learning model capable of detecting these attacks with sufficiently low false negative rate. This paper presents a new support vector machine based intrusion detection system that classifies unknown data instances according both to the feature values and weight factors that represent importance of features towards the classification. Increased detection rate and significantly decreased false negative rate for U2R and R2L categories, that have a very few instances in the training set, have been empirically proven.

Published in Serbian Journal of Electrical Engineering

ISSN: 1451-4869 (Print); 2217-7183 (Online)
Publisher: Faculty of Technical Sciences in Cacak
Country of publisher: Serbia
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: http://www.journal.ftn.kg.ac.rs/

About the journal

Abstract

Keywords