Anomaly Traffic Detection Based onPCA and SFAM

Anomaly Traffic Detection Based onPCA and SFAM

Preecha Somwang1, 2 and Woraphon Lilakiatsakun2

1Office of Academic Resources and Information Technology, Rajamangala University of Technology Isan, Thailand

 2Faculty of Information Science and Technology, Mahanakorn University of Technology, Thailand

Abstract: Intrusion Detection System (IDS) has been an important tool for network security. However, existing IDSs that have been proposed do not perform well for anomaly traffics especially Remote to Local (R2L) attack which is one of the most concerns. We thus propose a new efficient technique to improve IDS performance focusing mainly on R2L attacks. The Principal Component Analysis (PCA) and Simplified Fuzzy Adaptive Resonance Theory Map (SFAM) are used to work collaboratively to perform feature selection. The results of our experiment based on KDD Cup’99 dataset show that this hybrid method improves classification performance of R2L attack significantly comparing to other techniques while classification of  the other types of attacks are still well performing.

 Keywords: Intrusion detection system; network security; PCA; SFAM.

 Received May, 3, 2013; accepted March, 24, 2014

Full Text

 

 

 

 

Read 2076 times Last modified on Sunday, 19 August 2018 04:51
Share
Top
We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. More details…