In this paper, we present a novel method for the detection of network anomaly in intrusion detection system. The proposed detection algorithm, are called hybrid algorithm. It is combination of two algorithm genetic and SVM. Experimental results demonstrate to be superior to existing k-mean algorithm. | ISSN:2249-5789 Kapil Kumar Saratkar et al, International Journal of Computer Science & Communication Networks,Vol 6(2),37-44 Anomaly Detection using Genetic with SVM Algorithm in Data Mining Kapil kumar saratkar#1, Pratibha richariya*2 scholor, CSE, 1Maxim institute of technology affiliated to RGPV bhopal 2 Asst. proff, CSE, 2Maxim institute of technology affiliated to RGPV bhopal 1 kapilsaratkar25@, 2pratibha1189@ 1 ABSTRACT- In this paper, we present a novel method 1. INTRODUCTION for the detection of network anomaly in intrusion detection system. The proposed detection algorithm, are called hybrid algorithm. It is combination of two algorithm genetic and SVM. Experimental results demonstrate to be superior to existing k-mean algorithm. One of the most common problems in existing K means detection techniques is that one must specify the clusters in advance and further the algorithm is very sensitive of noise, mixed pixels and outliers. The definition of means limit the application to only numerical variables. It is data driven with relatively few assumptions on the distributions of underlying data. This paper investigates the performances of genetic algorithm (GA) with support vector machine (SVM) classification method for detecting different types of network attacks. In particular, the feature selection capability of GA and calculate the fitness value and then apply SVM for hyper plane classification to detect intrusion. In this work GA and SVM have been implemented and tested on KDD CUP 1999 dataset. GA with SVM required only 10 features to detect the attacks effectively. Our method has more accurate as compare to existing once. Generally, Intrusion detection system (IDS) has three component that is detection component, investigating component, and post-mortem component. The detection component identifies security breaches. The investigation component determines exactly what happened based on data from the detection .
