Advanced SearchSearch Tips
A Comparative Study on the Performance of SVM and an Artificial Neural Network in Intrusion Detection
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
A Comparative Study on the Performance of SVM and an Artificial Neural Network in Intrusion Detection
Jo, Seongrae; Sung, Haengnam; Ahn, Byung-Hyuk;
  PDF(new window)
IDS (Intrusion Detection System) is used to detect network attacks through network data analysis. The system requires a high accuracy and detection rate, and low false alarm rate. In addition, the system uses a range of techniques, such as expert system, data mining, and state transition analysis to analyze the network data. The purpose of this study was to compare the performance of two data mining methods for detecting network attacks. They are Support Vector Machine (SVM) and a neural network called Forward Additive Neural Network (FANN). The well-known KDD Cup 99 training and test data set were used to compare the performance of the two algorithms. The accuracy, detection rate, and false alarm rate were calculated. The FANN showed a slightly higher false alarm rate than the SVM, but showed a much higher accuracy and detection rate than the SVM. Considering that treating a real attack as a normal message is much riskier than treating a normal message as an attack, it is concluded that the FANN is more effective in intrusion detection than the SVM.
Data Mining;Forward Additive Neural Network;IDS(Intrusion Detection System);Intrusion Detection;Neural Network;SVM(Support Vector Machine);
 Cited by
Dea-Woo Park, "Consideration for Hacking on National Cyber Security Policy," Review of KIISC, Vol. 21, No. 6, pp. 24-41, 2011.

Bace, R. and Mell, P., NIST Special Publication on Intrusion Detection Systems, BOOZ-ALLEN AND HAMILTON INC MCLEAN VA, 2001. DOI:

Hwan Seok Yang, "The Study on Rules for Performance Improvement of Intrusion Detection System," The Journal of KINGComputing, Vol. 5, No. 3, pp. 43-49, 2009.

Kyu Won Lee, Jae Won Ji, Hyun Woo Chun, Sang-jo Youk , Geuk Lee, "Traffic Analysis Technique for Intrusion Detectionin in Wireless Network," Journal of Security Engineering, Vol. 7, No. 6, pp. 599-607, 2010.

Abadeh, M. S., Habibi, J., and Lucas, C., "Intrusion Detection Using a Fuzzy Genetics-based Learning Algorithm," Journal of Network and Computer Applications, Vol. 30, No. 1, pp. 414-428, 2007. DOI: crossref(new window)

Zarrabi, A. and Zarrabi, A., "Internet Intrusion Detection System Service in a Cloud," International Journal of Computer Science Issues, Vol. 9, Issue 5, No. 2, pp. 308-315, 2012.

Fares, A. H., Sharawy, M. I., and Zayed, H. H., "Intrusion Detection: Supervised Machine Learning," Journal of Computing Science and Engineering, Vol. 5, No. 4, pp. 305-313, 2011. DOI: crossref(new window)

Wu, S. and Yen, E., "Data Mining-based Intrusion Detectors," Expert Systems with Applications, Vol. 36, No. 3, pp. 5605-5612, 2009. DOI: crossref(new window)

Beigh, B. M. and Peer, M. A., "Intrusion Detection and Prevention System: Classification and Quick Review," ARPN Journal of Science and Technology, Vol. 2, No. 7, pp. 661-675, 2012.

Kumar, Y. and Dhawan, S., "A Review on Information Flow in Intrusion Detection System," International Journal of Computational Engineering and Management, Vol. 15, No. 1, pp. 91-96, 2012.

Singaraju, S. and Kalpana, P., "A Precise Survey on Intrusion Detection Systems," International Journal of Advanced Research in Computer Science and Software Engineering, Vol. 2, No. 9, pp. 243-247, 2012.

Denning, D. E., "An Intrusion-Detection Model," IEEE Transaction on Software Engineering, Vol. 13, No. 2, pp. 222-232, 1987. DOI:

Nguyen, H. A., and Choi. D., "Application of Data Mining to Network Intrusion Detection: Classifier Selection Model," Challenges for Next Generation Network Operations and Service Management -Lecture Notes in Computer Science, Vol. 5297, pp. 399-408, 2008.

Jalil, K. A., Kamarudin, M. H., and Masrek, M. N., "Comparison of Machine Learning Algorithms Performance in Detecting Network Intrusion," Networking and Information Technology 2010 International Conference, pp. 221-226, 2010.

Osareh, A. and Shadgar, B., "Intrusion Detection in Computer Networks Based on Machine Learning Algorithms," International Journal of Computer Science and Network Security, Vol. 8, No. 11, pp. 15-23, 2008.

Ibrahim, H. E., Badr, S. M., and Shaheen, M. A., "Phases vs. Levels using Decision Trees for Intrusion Detection Systems," International Journal of Computer Science and Information Security, Vol. 10, No. 8, pp. 1-7, 2012.

Vapnik, V. N., The Nature of Statistical Learning Theory, Springer, 1995. DOI:

McCulloch, Warren S., and Walter Pitts., "A logical Calculus of the Ideas Immanent in Nervous Activity," The Bulletin of Mathematical Biophysics, Vol. 5, No. 4, pp. 115-133, 1943. DOI: crossref(new window)

Rosenblatt, F., Principle of Neuro Dynamics, Washington, D.C.:Spartan Books, 1962.

Minsky, M., and Papert, S., Perceptrons, Cambridge, MA : MIT Press, 1969.

Rumelhart, D. E., Hilton, G. E., and Williams, R. J., "Learning Internal Representation by Error Propagation," ICS Report, Institute for Cognitive Science, University of California, San Diego, 1986.

Ahn, B. H., "Forward Additive Neural Network Models," PhD dissertation, Kent State University, Kent, OH, USA, 1996.

Hansung Lee, Younghee Im, Jooyoung Park, Daihee Park, "Adaptive Intrusion Detection System Based on SVM and Clustering ," Journal of Korean Institute of Intelligent Systems, Vol. 13, No. 2, pp. 237-242, 2003.

Chang, C. C. and Lin, C. J., "LIBSVM: A Library for Support Vector Machine," ACM Transactions on Intelligent Systems and Technology, Vol. 2, No. 3, pp. 1-27, 2011. DOI: