Application of SVM and ANN for intrusion detection

The popularization of shared networks and Internet usage demands increases attention on information system security, particularly on intrusion detection. Two data mining methodologies—Artificial Neural Networks (ANNs) and Support Vector Machine (SVM) and two encoding methods—simple frequency-based scheme and tf×idf scheme are used to detect potential system intrusions in this study. Our results show that SVM with tf×idf scheme achieved the best performance, while ANN with simple frequency-based scheme achieved the worst. The data used in experiments are BSM audit data from the DARPA 1998 Intrusion Detection Evaluation Program at MIT's Lincoln Labs.