Anomaly Traffic Detection Based onPCA and SFAM
Preecha Somwang1, 2 and Woraphon Lilakiatsakun2
1Office of Academic Resources and Information Technology, Rajamangala University of Technology Isan, Thailand
2Faculty of Information Science and Technology, Mahanakorn University of Technology, Thailand
Abstract: Intrusion Detection System (IDS) has been an important tool for network security. However, existing IDSs that have been proposed do not perform well for anomaly traffics especially Remote to Local (R2L) attack which is one of the most concerns. We thus propose a new efficient technique to improve IDS performance focusing mainly on R2L attacks. The Principal Component Analysis (PCA) and Simplified Fuzzy Adaptive Resonance Theory Map (SFAM) are used to work collaboratively to perform feature selection. The results of our experiment based on KDD Cup’99 dataset show that this hybrid method improves classification performance of R2L attack significantly comparing to other techniques while classification of the other types of attacks are still well performing.
Keywords: Intrusion detection system; network security; PCA; SFAM.
Received May, 3, 2013; accepted March, 24, 2014
