Feature selection and design of intrusion detection system based on k-means and triangle area support vector machine

Nowadays, challenged by malicious use of network and intentional attacks on personal computer system, intrusion detection system has become an indispensible and infrastructural mechanism for securing critical resource and information. Most current intrusion detection systems focus on hybrid supervised and unsupervised machine learning technologies. The related work has demonstrated that they can get superior performance than applying single machine learning algorithm in detection model. Besides, with the scrutiny of related works, feature selecting and representing techniques are also essential in pursuit of high efficiency and effectiveness. Performance of specified attack type detection should also be improved and evaluated. In this paper, we incorporate information gain (IG) method for selecting more discriminative features and triangle area based support vector machine (TASVM) by combining k-means clustering algorithm and SVM classifier to detect attacks. Our system achieves accuracy of 99.83%, detection rate of 99.88% and false alarm rate of 2.99% on the 10% of KDD CUP 1999 evaluation data set. We also achieve a better detection performance for specific attack types concerning precision and recall.