An effective intrusion detection framework based on SVM with feature augmentation

Network security is becoming increasingly important in our daily lives not only for organizations but also for individuals. Intrusion detection systems have been widely used to prevent information from being compromised, and various machine-learning techniques have been proposed to enhance the performance of intrusion detection systems. However, higher-quality training data is an essential determinant that could improve detection performance. It is well known that the marginal density ratio is the most powerful univariate classifier. In this paper, we propose an effective intrusion detection framework based on a support vector machine (SVM) with augmented features. More specifically, we implement the logarithm marginal density ratios transformation to form the original features with the goal of obtaining new and better-quality transformed features that can greatly improve the detection capability of an SVM-based detection model. The NSL-KDD dataset is used to evaluate the proposed method, and the empirical results show that it achieves a better and more robust performance than existing methods in terms of accuracy, detection rate, false alarm rate and training speed. (C) 2017 Elsevier B.V. All rights reserved.