Abstract:
With the continuous growth of Internet technology, security mechanisms must be established. However, many current intrusion detection systems (IDSs) are rule-based, which limits their ability to detect novel intrusions. Moreover, encoding rules is time-consuming and depends heavily on knowledge of known intrusions. We therefore propose a new systematic framework that applies the data mining algorithms random forests (RF) and support vector machine (SVM). The system uses RF for feature selection and parameter optimization and SVM for intrusion detection. RF reports variable importance as numeric values, so irrelevant features can be eliminated. SVM, a classical pattern recognition tool, has been widely used for intrusion detection. First, RF is used to preprocess the data, select the most important features, eliminate the insignificant ones, and optimize parameters. Second, an SVM model is trained on the selected important features to learn and detect intrusions.
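
The two-stage flow described in the abstract, as an added example that is not the authors' code: scikit-learn's `RandomForestClassifier` ranks features by importance, and an `SVC` is trained on the top-ranked ones. The traffic data, the number of kept features (2), the hyperparameters and all function names are constructed assumptions; the parameter-optimization step the abstract mentions is not shown.

```python
import numpy as np
from sklearn.ensemble import RandomForestClassifier
from sklearn.model_selection import train_test_split
from sklearn.pipeline import make_pipeline
from sklearn.preprocessing import StandardScaler
from sklearn.svm import SVC

INFORMATIVE = (0, 3)  # constructed: only these columns differ between classes


def make_constructed_traffic(n_per_class=400, n_features=8, seed=0):
    """Synthetic 'connection records': label 0 = normal, 1 = intrusion."""
    rng = np.random.default_rng(seed)
    normal = rng.normal(0.0, 1.0, size=(n_per_class, n_features))
    attack = rng.normal(0.0, 1.0, size=(n_per_class, n_features))
    attack[:, list(INFORMATIVE)] += 3.0  # shift only the informative columns
    X = np.vstack([normal, attack])
    y = np.array([0] * n_per_class + [1] * n_per_class)
    return X, y


def select_features(X, y, keep=2, seed=0):
    """Stage 1: rank features by RF variable importance, keep the top ones."""
    rf = RandomForestClassifier(n_estimators=100, random_state=seed)
    rf.fit(X, y)
    ranked = np.argsort(rf.feature_importances_)[::-1]
    return sorted(int(i) for i in ranked[:keep]), rf.feature_importances_


def run_pipeline(seed=0):
    X, y = make_constructed_traffic(seed=seed)
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.3, stratify=y, random_state=seed)
    # Rank on training data only, so the test split stays unseen.
    selected, importances = select_features(X_tr, y_tr, seed=seed)
    # Stage 2: SVM trained on the reduced feature set.
    svm = make_pipeline(StandardScaler(), SVC(kernel="rbf", C=1.0, gamma="scale"))
    svm.fit(X_tr[:, selected], y_tr)
    accuracy = svm.score(X_te[:, selected], y_te)
    return selected, importances, accuracy


if __name__ == "__main__":
    selected, importances, accuracy = run_pipeline()
    print("importances:", np.round(importances, 3))
    print("selected features:", selected, "test accuracy:", round(accuracy, 3))
```

Ranking features on the training split only keeps the held-out accuracy an honest estimate of how the reduced-feature SVM would behave on unseen traffic.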