PERFORMANCE COMPARISON OF SVM KERNELS FOR INTRUSION DETECTION SYSTEM USING UNSW-NB15 DATASET
DOI:
https://doi.org/10.9744/jte.17.2.55-61Keywords:
IDS, UNSW-NB15, SVM kernels, machine learningAbstract
Given the proliferation of internet security concerns, the Intrusion Detection System has become an essential part of the IoT network. The growing demands for study in the realm of cyberattacks necessitate the availability of datasets. UNSW-NB15 is a publicly accessible security dataset. Since its inception in 2015, numerous researchers have used this dataset to elucidate successful models for threat classification and prediction-based machine learning. Nevertheless, there is a deficiency of research specifically examining the comparison of kernels in relation to the SVM classifier. This paper presents a performance comparison of four SVM kernels. The model's outputs are assessed using execution time and false positive rate, along with four assessment metrics: accuracy, precision, recall, and F1 score. The results demonstrate that the Poly kernel attains the maximum performance, with an accuracy of 98.78%, precision of 97.98%, recall of 98.27%, and an F1 score of 98.12. Nevertheless, the execution duration of the RBF kernel is the most rapid among other SVM kernels, totaling 10 minutes and 23 seconds. Regarding the False Positive Rate, the Linear kernel exhibits optimal performance at 20%.
References
[1] E. Ozdogan, "A Comprehensive Analysis of the Machine Learning Algorithms in IoT IDS Systems," IEEE Access, vol. 12, pp. 46785-46811, 2024.
[2] Y. Otoum and A. Nayak, "AS-IDS: Anomaly and Signature Based IDS for the Internet of Things," Journal of Network and Systems Management, vol. 29, no. 3, pp. 1-26, 2021.
[3] M. Thankappan, N. Narayanan, M. S. Sanaj, A. Manoj, A. P. Menon, and M. Gokul Krishna, "Machine Learning and Deep Learning Architectures for Intrusion Detection System: A Survey," presented at the 2024 1st International Conference on Trends in Engineering Systems and Technologies (ICTEST), 2024.
[4] S. Pansare, A. Malik, and I. Batra, "Hybrid Machine Learning Algorithm for Intrusion Detection Systems," presented at the 2024 International Conference on Communication, Computer Sciences and Engineering, 2024.
[5] M. A. Almaiah et al., "Performance Investigation of Principal Component Analysis for Intrusion Detection System Using Different Support Vector Machine Kernels," Electronics, vol. 11, no. 21, 2022.
[6] M. Mohammadi et al., "A comprehensive survey and taxonomy of the SVM-based intrusion detection systems," Journal of Network and Computer Applications, vol. 178, 2021.
[7] Scikit-learn. (2024). Plot classification boundaries with different SVM Kernels. Available: https://scikit-learn.org/1.5/auto_examples/svm/plot_svm_kernels.html
[8] M. Ahmad, Q. Riaz, M. Zeeshan, H. Tahir, S. A. Haider, and M. S. Khan, "Intrusion detection in internet of things using supervised machine learning based on application and transport layer features using UNSW-NB15 data-set," EURASIP Journal on Wireless Communications and Networking, vol. 2021, no. 10, pp. 1-23, 2021.
[9] N. Moustafa and J. Slay, "UNSW-NB15: A Comprehensive Data set for Network Intrusion Detection systems (UNSW-NB15 Network Data Set)," in Military Communications and Information Systems Conference (MilCIS), Canberra, ACT, Australia, 2015, pp. 1-6.
[10] B. A. Tama, M. Comuzzi, and K.-H. Rhee, "TSE-IDS: A Two-Stage Classifier Ensemble for Intelligent Anomaly-Based Intrusion Detection System," IEEE Access, vol. 7, pp. 94497-94507, 2019.
[11] V. Kumar, D. Sinha, A. K. Das, S. C. Pandey, and R. T. Goswami, "An integrated rule based intrusion detection system: analysis on UNSW-NB15 data set and the real time online dataset," Cluster Computing, vol. 23, no. 2, pp. 1397-1418, 2019.
